Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-0955

A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.

Published

2024-02-07T00:15:55.450

Last Modified

2024-11-21T08:47:52.317

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 4.8 (MEDIUM)

Weaknesses

Type: Secondary
CWE-20
Type: Primary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	tenable	nessus	< 10.7.0	Yes

References

https://www.tenable.com/security/tns-2024-01 Vendor Advisory ([email protected])
https://www.tenable.com/security/tns-2024-01 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)