CVE-2019-3961: XSS
First published: Tue Jun 25 2019(Updated: )
Nessus versions 8.4.0 and earlier were found to contain a reflected XSS vulnerability due to improper validation of user-supplied input. An unauthenticated, remote attacker could potentially exploit this vulnerability via a specially crafted request to execute arbitrary script code in a users browser session.
Credit: vulnreport@tenable.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Tenable Nessus | <=8.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID is CVE-2019-3961.
What is the severity level of CVE-2019-3961?
The severity level of CVE-2019-3961 is medium.
Which software versions are affected by CVE-2019-3961?
Nessus versions 8.4.0 and earlier are affected by CVE-2019-3961.
What is the impact of CVE-2019-3961?
CVE-2019-3961 allows an unauthenticated attacker to execute arbitrary script code in a user's browser.
Are there any references available for CVE-2019-3961?
Yes, you can find more information about CVE-2019-3961 at the following links: [securityfocus.com](http://www.securityfocus.com/bid/108892) and [tenable.com](https://www.tenable.com/security/tns-2019-04).
- collector/nvd-index
- agent/weakness
- agent/type
- vendor/tenable
- canonical/tenable nessus
- version/tenable nessus/8.4.0