vulnerability

Palo Alto Networks PAN-SA-2018-0009 (CVE-2018-10139): Cross-Site Scripting

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Aug 15, 2018	Aug 16, 2018	Nov 27, 2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Aug 15, 2018

Added

Aug 16, 2018

Modified

Nov 27, 2024

Description

The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected.

Solutions

palo-alto-networks-pan-os-upgrade-6-1palo-alto-networks-pan-os-upgrade-7-1palo-alto-networks-pan-os-upgrade-8-0palo-alto-networks-pan-os-upgrade-8-1

References

NVD-CVE-2018-10139
URL-https://securityadvisories.paloaltonetworks.com

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today