Stored XSS Vulnerability in Nessus Application Allows Remote Code Execution
CVE-2024-0955 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
A stored XSS vulnerability exists where an authenticated, remote attacker with administrator privileges on the Nessus application could alter Nessus proxy settings, which could lead to the execution of remote arbitrary scripts.
Learn more about our Web Application Penetration Testing UK.