CVE-2016-9259 :- Nessus 6.9.1 Stored Cross Site Scripting

Nessus 6.9.1 Fixes One Vulnerability

Synopsis

Nessus and Tenable's managed Nessus Cloud offering were found to be impacted by an authenticated stored cross-site scripting (XSS) issue reported to us by Kaustubh Padwad. Tenable thanks him for privately reporting the issue to us and giving us time to resolve the issue.

Please note that Tenable strongly recommends that Nessus be installed on a subnet that is not Internet addressable.

Solution

Tenable has released Nessus version 6.9.1 that corresponds to the supported operating systems and architectures. This version addresses the XSS issue.