Tenable Nessus 6.x < 6.9.3 Multiple Stored XSS
Medium Nessus Plugin ID 96833
SynopsisAn application running on the remote host is affected by multiple cross-site scripting vulnerabilities.
DescriptionAccording to its self-reported version, the Tenable Nessus application running on the remote host is prior to 6.9.3. It is, therefore, affected by multiple stored cross-site scripting (XSS) vulnerabilities due to improper validation of user-supplied input. An authenticated, remote attacker can exploit these, via a specially crafted request, to execute arbitrary script code in a user's browser session.
SolutionUpgrade to Tenable Nessus version 6.9.3 or later.