CVE-2016-9260

Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to handling of .nessus files.
References
Link Resource
http://jvn.jp/en/jp/JVN12796388/index.html Third Party Advisory VDB Entry
http://jvndb.jvn.jp/en/contents/2017/JVNDB-2017-000013.html Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/95772 Third Party Advisory VDB Entry
https://www.tenable.com/security/tns-2016-16 Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-01-31 22:59

Updated : 2024-02-04 19:11


NVD link : CVE-2016-9260

Mitre link : CVE-2016-9260

CVE.ORG link : CVE-2016-9260


JSON object : View

Products Affected

tenable

  • nessus
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')