Описание
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 10.7.0 (исключая)
cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-20
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
около 2 лет назад
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
EPSS
Процентиль: 27%
0.00097
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-20
CWE-79