CVE-2016-9259
Description
Cross-site scripting (XSS) vulnerability in Tenable Nessus before 6.9.1 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
Risk Information
Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.171
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2016-1000028,CVE-2016-1000029,CVE-2016-9259 are affected in Nessus Agent (x64) 6.8 | Windows |
| Multiple Vulnerabilities are affected in Nessus Agent (x64) 6.8.1 | Windows |
| Vulnerabilities CVE-2016-9259 are affected in Nessus Agent (x64) 6.8.2 | Windows |
| Vulnerabilities CVE-2016-9259 are affected in Nessus Agent (x64) 6.9 | Windows |
| Vulnerabilities CVE-2016-1000028,CVE-2016-1000029,CVE-2016-9259 are affected in Nessus Agent 6.8 | Windows |
| Multiple Vulnerabilities are affected in Nessus Agent 6.8.1 | Windows |
| Vulnerabilities CVE-2016-9259 are affected in Nessus Agent 6.8.2 | Windows |
| Vulnerabilities CVE-2016-9259 are affected in Nessus Agent 6.9 | Windows |
| Vulnerabilities CVE-2016-9259 are fixed in Nessus 6.9.1 | Windows |
| Vulnerabilities CVE-2016-9259 are fixed in Tenable Nessus 6.9.1 | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-343100 | Nessus Agent (x64) (10.8.0) |
| PATCH-343100 | Nessus Agent (x64) (10.8.0) |
| PATCH-343100 | Nessus Agent (x64) (10.8.0) |
| PATCH-343100 | Nessus Agent (x64) (10.8.0) |
| PATCH-343099 | Nessus Agent (10.8.0) |
| PATCH-343099 | Nessus Agent (10.8.0) |
| PATCH-343099 | Nessus Agent (10.8.0) |
| PATCH-343099 | Nessus Agent (10.8.0) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234