Tenable Web Ui vulnerabilities
2 known vulnerabilities affecting tenable/web_ui.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-7280MEDIUMCVSS 4.3PoC≤ 2.3.32014-10-21
CVE-2014-7280 [MEDIUM] CWE-79 CVE-2014-7280: Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x
Cross-site scripting (XSS) vulnerability in the Web UI before 2.3.4 Build #85 for Tenable Nessus 5.x allows remote web servers to inject arbitrary web script or HTML via the server header.
nvd
CVE-2014-4980MEDIUMCVSS 5.0≤ 2.3.42014-07-23
CVE-2014-4980 [MEDIUM] CWE-200 CVE-2014-4980: The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows
The /server/properties resource in Tenable Web UI before 2.3.5 for Nessus 5.2.3 through 5.2.7 allows remote attackers to obtain sensitive information via the token parameter.
nvd