Sensitive Information Disclosure via token parameter in Tenable Web UI
CVE-2014-4980 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
Learn more about our Web App Pen Testing.