This script is Copyright (C) 2010-2017 Tenable Network Security, Inc.
A web server running on the remote host is affected by a cross-site
According to its self-reported version number, the Nessus web server
running on the remote host is affected by a cross-site scripting
vulnerability due to improper validation of input to a GET parameter
before returning it to users. A remote attacker can exploit this, via
a specially crafted request, to execute arbitrary script code in a
user's browser session.
See also :
Upgrade the plugin feed using 'nessus-update-plugins', restart the web
server, and verify web server version 1.2.4 or later is running. The
web server version can be viewed by logging in and clicking the
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true