CVE-2019-3962 is a vulnerability in Tenable Nessus
Published on July 1, 2019
Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may allow an authenticated, local attacker to exploit this vulnerability by convincing another targeted Nessus user to view a malicious URL and use Nessus to send fraudulent messages. Successful exploitation could allow the authenticated adversary to inject arbitrary text into the feed status, which will remain saved post session expiration.
Products Associated with CVE-2019-3962
Want to know whenever a new CVE is published for Tenable Nessus? stack.watch will email you.
Affected Versions
Tenable Nessus Version All versions prior to 8.5.0 is affected by CVE-2019-3962Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.