CVE-2024-1891 — Vulnetix

CVE-2024-1891 PUBLISHED CVSS 3.5 LOW

A stored cross site scripting vulnerability exists in Tenable Security Center where an authenticated, remote attacker could inject HTML code into a web application scan result page.

EPSS 0.21% · 44.0th percentile

Risk Scores

CVSS 3.1

3.5

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

EPSS Score

0.21%

44.0th percentile

Affected Products

Vendor	Product	Versions
tenable	security_center	0, 0
tenable	security_center	0, 0
Tenable	Security Center	0, 0

Exploit Intelligence

https://www.tenable.com/security/tns-2024-10 (circl)

Timeline

Jun 11, 2024 CVE Published
Jun 13, 2024 EPSS Score
Jul 6, 2024 EPSS Score
Jul 29, 2024 EPSS Score
Aug 1, 2024 CVE Updated
Aug 24, 2024 EPSS Score
Sep 16, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 9, 2024 EPSS Score
Nov 1, 2024 EPSS Score
Nov 24, 2024 EPSS Score
Dec 17, 2024 EPSS Score

References

https://www.tenable.com/security/tns-2024-10 url
https://nvd.nist.gov/vuln/detail/CVE-2024-1891 advisory

Open in Interactive Console →