Tenable: >> Appliance >> 2.0.1 Security Vulnerabilities
Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. Utilizing a specially crafted request, an authenticated attacker could potentially execute arbitrary JavaScript code by manipulating certain URL parameters related to offline plugins.
CVSS Score
5.4
EPSS Score
0.003
Published
2018-03-28
Tenable Appliance 4.4.0, and possibly prior, contains a flaw in the Web UI that allows for the unauthorized manipulation of the admin password.
CVSS Score
7.5
EPSS Score
0.002
Published
2017-04-21