exploitDog

CVE-2018-1142

Опубликовано: 28 мар. 2018

Источник: nvd

CVSS3: 5.4

CVSS2: 3.5

EPSS Низкий

Описание

Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Utilizing a specially crafted request, an authenticated attacker could potentially execute arbitrary JavaScript code by manipulating certain URL parameters related to offline plugins.

Ссылки

https://www.tenable.com/security/tns-2018-02
Patch
Vendor Advisory
https://www.tenable.com/security/tns-2018-02
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:tenable:appliance:*:*:*:*:*:*:*:*

Версия до 4.6.1 (включая)

EPSS

Процентиль: 52%

0.00288

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9qrj-ww3w-jxgp

CVSS3: 5.4

github

больше 3 лет назад

Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Utilizing a specially crafted request, an authenticated attacker could potentially execute arbitrary JavaScript code by manipulating certain URL parameters related to offline plugins.

EPSS

Процентиль: 52%

0.00288

Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79