CVE-2018-1147 is a vulnerability in Tenable Nessus
Published on May 18, 2018
In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings.
Products Associated with CVE-2018-1147
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-1147 are published in Tenable Nessus:
Affected Versions
Tenable Nessus Version All versions prior to 7.1.0 is affected by CVE-2018-1147Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.