FortiClient Vulnerability

Tenable Nessus CVE-2019-3962 Cross Site Scripting Vulnerability

Description

Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration.

Affected Applications

Tenable Nessus

CVE References

CVE-2019-3962

Other References

https://www.tenable.com/security

ID	71066
Created	Feb 15, 2022
Description Updated	Dec 18, 2023
Risk
Coverage	FortiClient
OS	Windows
Vendor	Tenable Network Security
Patch	manual
Application	Tenable Nessus

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Tenable Nessus CVE-2019-3962 Cross Site Scripting Vulnerability

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Tenable Nessus CVE-2019-3962 Cross Site Scripting Vulnerability

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center