First published: Wed Dec 13 2023(Updated: )
A DOM-Based cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface.
Credit: psirt@paloaltonetworks.com
Affected Software | Affected Version | How to fix |
---|---|---|
Paloaltonetworks Pan-os | >=8.1.0<8.1.25 | |
Paloaltonetworks Pan-os | >=9.0.0<9.0.17 | |
Paloaltonetworks Pan-os | >=9.1.0<9.1.16 | |
Paloaltonetworks Pan-os | >=10.0.0<10.0.12 | |
Paloaltonetworks Pan-os | >=10.1.0<10.1.9 | |
Paloaltonetworks Pan-os | >=10.2.0<10.2.4 | |
Paloaltonetworks Pan-os | =11.0.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.