HTML Injection Vulnerability in Security Center's Repository
CVE-2024-1471

4.8MEDIUM

Key Information:

Vendor

Tenable

Status
Security Center
Vendor
CVE Published:
14 February 2024

What is CVE-2024-1471?

An HTML injection vulnerability exists where an authenticated, remote attacker with administrator privileges on the Security Center application could modify Repository parameters, which could lead to HTML redirection attacks.

Affected Version(s)

Security Center Linux 0

References

https://www.tenable.com/security/tns-2024-02

CVSS V3.1

Score:
4.8
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
The Cyber Security Vulnerability Database.