PT-2024-15935 · Tenable · Tenable Nessus
Chris Haller
+2
·
Published
2024-02-06
·
Updated
2024-02-14
·
CVE-2024-0955
CVSS v3.1
4.8
Medium
| Vector | AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Tenable Nessus (affected versions not specified)
Description
A stored XSS issue exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, leading to the execution of remote arbitrary scripts.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tenable Nessus