Back to search
CVE-2023-24494
Published: Jan 25, 2023
Modified: Apr 1, 2025
PUBLISHED
Description
A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this by convincing a user to click a specially crafted URL, to execute arbitrary script code in a user's browser session.
| Vendor | Product | Versions |
|---|---|---|
n/a | Tenable.sc | affected Tenable.sc versions 5.23.1 and earlier |
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now