Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Tenable Network Security Nessus 跨站脚本漏洞
Vulnerability Description
Tenable Network Security Nessus是美国Tenable Network Security公司的一款具有较强可扩展性的开源漏洞扫描器。 Tenable Network Security Nessus 7.1.0之前版本中存在跨站脚本漏洞,该漏洞源于程序没有正确的执行输入验证。远程攻击者可通过创建并上传.nessus文件或更改高级设置中的变量利用该漏洞在用户浏览器会话中执行任意的脚本代码。
CVSS Information
N/A
Vulnerability Type
N/A