cve/2018/CVE-2018-1155.md

### [CVE-2018-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1155)
![](https://img.shields.io/static/v1?label=Product&message=SecurityCenter&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-Site%20Scripting%20(XSS)&color=brighgreen)

### Description

In SecurityCenter versions prior to 5.7.0, a cross-site scripting (XSS) issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue.

### POC

#### Reference
- https://www.tenable.com/security/tns-2018-11
- https://www.tenable.com/security/tns-2018-11

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2018-1155](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1155)`
			`![](https://img.shields.io/static/v1?label=Product&message=SecurityCenter&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=Cross-Site%20Scripting%20(XSS)&color=brighgreen)`

			`### Description`

			`In SecurityCenter versions prior to 5.7.0, a cross-site scripting (XSS) issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue.`

			`### POC`

			`#### Reference`
			`- https://www.tenable.com/security/tns-2018-11`
Update CVE sources 2024-06-09 00:33 2024-06-09 00:33:16 +00:00			`- https://www.tenable.com/security/tns-2018-11`
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00
			`#### Github`
			`No PoCs found on GitHub currently.`