{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T11:49:16.921","vulnerabilities":[{"cve":{"id":"CVE-2018-1155","sourceIdentifier":"vulnreport@tenable.com","published":"2018-08-02T19:29:00.873","lastModified":"2024-11-21T03:59:17.970","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In SecurityCenter versions prior to 5.7.0, a cross-site scripting (XSS) issue could allow an authenticated attacker to inject JavaScript code into an image filename parameter within the Reports feature area. Properly updated input validation techniques have been implemented to correct this issue."},{"lang":"es","value":"En SecurityCenter, en versiones anteriores a la 5.7.0, un problema de Cross-Site Scripting (XSS) podría permitir que un atacante autenticado inyecte código JavaScript en un parámetro image filename en el área de la funcionalidad Reports. Se han implementado técnicas de validación de entradas correctamente actualizadas para corregir este problema."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:tenable:securitycenter:*:*:*:*:*:*:*:*","versionEndExcluding":"5.7.0","matchCriteriaId":"56C3DD11-31E9-4FDA-8EAF-C1D774F7A32F"}]}]}],"references":[{"url":"http://www.securitytracker.com/id/1041431","source":"vulnreport@tenable.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.tenable.com/security/tns-2018-11","source":"vulnreport@tenable.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securitytracker.com/id/1041431","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://www.tenable.com/security/tns-2018-11","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}