PT-2020-18686 · Tenable · Nessus
Published: 2020-07-15 · Updated: 2020-07-20 · CVE-2020-5765
CVSS v3.1: 5.4 (Medium)
Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Nessus versions prior to 8.11.0
Description
Nessus is affected by a stored XSS vulnerability caused by improper validation of input during scan configuration. An authenticated, remote attacker could potentially exploit this vulnerability to execute arbitrary code in a user's session.
Recommendations
For Nessus versions prior to 8.11.0, update to Nessus 8.11.0 to resolve the issue. As a temporary workaround, consider restricting access to scan configuration to minimize the risk of exploitation.
Fix
XSS
Affected Products
Nessus