Nessus Windows < 3.0.6 GUI Unspecified XSS
Medium Nessus Plugin ID 25612
SynopsisAn application running on the remote host is affected by a cross-site scripting vulnerability.
DescriptionAccording to its self-reported version number, the Tenable Nessus application running on the remote host is affected by a cross-site scripting (XSS) vulnerability due to a failure to properly sanitize user-supplied input before using it to generate dynamic content. An unauthenticated, remote attacker can exploit this issue to inject arbitrary HTML or script code into a user's browser to be executed within the security context of the affected host.
SolutionUpgrade to Nessus for Windows version 3.0.6 or later.