cpe:/a:tenable:nessus:4.4.1.15078::~~~~x64~ cpe:/a:tenable:nessus:5.2.0 cpe:/a:tenable:nessus:5.2.1 cpe:/a:tenable:nessus:5.2.2 cpe:/a:tenable:nessus:5.2.3 cpe:/a:tenable:nessus:5.2.4 cpe:/a:tenable:nessus:5.2.5 cpe:/a:tenable:nessus:5.2.6 cpe:/a:tenable:nessus:5.2.7 cpe:/a:tenable:nessus:5.2.8 cpe:/a:tenable:nessus:5.2.9 cpe:/a:tenable:nessus:5.2.10 cpe:/a:tenable:nessus:5.2.11 cpe:/a:tenable:nessus:5.2.12 cpe:/a:tenable:nessus:6.0.0 cpe:/a:tenable:nessus:6.0.1 cpe:/a:tenable:nessus:6.0.2 cpe:/a:tenable:nessus:6.1.0 cpe:/a:tenable:nessus:6.1.1 cpe:/a:tenable:nessus:6.1.2 cpe:/a:tenable:nessus:6.2.0 cpe:/a:tenable:nessus:6.2.1 cpe:/a:tenable:nessus:6.3.0 cpe:/a:tenable:nessus:6.3.1 cpe:/a:tenable:nessus:6.3.2 cpe:/a:tenable:nessus:6.3.3 cpe:/a:tenable:nessus:6.3.4 cpe:/a:tenable:nessus:6.3.5 cpe:/a:tenable:nessus:6.3.6 cpe:/a:tenable:nessus:6.3.7 cpe:/a:tenable:nessus:6.4.0 cpe:/a:tenable:nessus:6.4.1 cpe:/a:tenable:nessus:6.4.2 cpe:/a:tenable:nessus:6.4.3 cpe:/a:tenable:nessus:6.5.0 cpe:/a:tenable:nessus:6.5.1 cpe:/a:tenable:nessus:6.5.2 cpe:/a:tenable:nessus:6.5.3 cpe:/a:tenable:nessus:6.5.4 cpe:/a:tenable:nessus:6.5.5 cpe:/a:tenable:nessus:6.5.6 cpe:/a:tenable:nessus:6.6.0 cpe:/a:tenable:nessus:6.6.1 cpe:/a:tenable:nessus:6.6.2 cpe:/a:tenable:nessus:6.7 cpe:/a:tenable:nessus:6.7.0 cpe:/a:tenable:nessus:6.8 cpe:/a:tenable:nessus:6.8.0 cpe:/a:tenable:nessus:6.8.1 cpe:/a:tenable:nessus:6.8.2 cpe:/a:tenable:nessus:6.9 cpe:/a:tenable:nessus:6.9.0 cpe:/a:tenable:nessus:6.9.1 cpe:/a:tenable:nessus:6.9.2 cpe:/a:tenable:nessus:6.9.3 cpe:/a:tenable:nessus:6.10.0 cpe:/a:tenable:nessus:6.10.1 cpe:/a:tenable:nessus:6.10.2 cpe:/a:tenable:nessus:6.10.3 cpe:/a:tenable:nessus:6.10.4 cpe:/a:tenable:nessus:6.10.5 cpe:/a:tenable:nessus:6.10.6 cpe:/a:tenable:nessus:6.10.7 cpe:/a:tenable:nessus:6.10.8 cpe:/a:tenable:nessus:6.10.9 cpe:/a:tenable:nessus:6.11.0 cpe:/a:tenable:nessus:6.11.1 cpe:/a:tenable:nessus:6.11.2 cpe:/a:tenable:nessus:6.11.3 cpe:/a:tenable:nessus:6.12.0 cpe:/a:tenable:nessus:7.0.0 cpe:/a:tenable:nessus:7.0.1 cpe:/a:tenable:nessus:7.0.2 cpe:/a:tenable:nessus:7.0.3 CVE-2018-1147 2018-05-18T18:29:00.227-04:00 2018-06-19T11:32:03.260-04:00 3.5 NETWORK MEDIUM SINGLE_INSTANCE NONE PARTIAL NONE http://nvd.nist.gov 2018-06-18T10:52:10.507-04:00 SECTRACK 1040918 CONFIRM https://www.tenable.com/security/tns-2018-05 In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings.