Palo Alto Networks Reflected XSS

Published on 10 Jan 2022
Vulnerability

Description

The PAN-OS management web interface has a reflected cross-site scripting (XSS) vulnerability. A remote attacker who can persuade an administrator with an active authenticated session on the firewall management interface to click a crafted link to that interface can run arbitrary JavaScript code in the administrator's browser and perform administrative actions. Affected versions are PAN-OS 8.1 versions prior to PAN-OS 8.1.16 and PAN-OS 9.0 versions prior to PAN-OS 9.0.9.

Recommendations

  • Update PAN-OS to the latest version
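
To find which firewalls need the update, the affected ranges stated above can be checked against a device inventory. This is an added example, not code from this page or from Palo Alto Networks; the `-hN` hotfix suffix format, the function names and the sample hostnames and versions are assumptions made for illustration.

```python
import re

# Fixed maintenance release per train, taken from the advisory text above:
# 8.1 is fixed in 8.1.16 and 9.0 in 9.0.9. Other trains are not mentioned.
FIXED = {(8, 1): 16, (9, 0): 9}

# major.minor.maintenance with an optional hotfix suffix such as "-h3" (assumed format)
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")

def parse_version(text):
    """Return (major, minor, maintenance, hotfix) or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, maint, hotfix = m.groups()
    return int(major), int(minor), int(maint), int(hotfix or 0)

def classify(text):
    """Return 'affected', 'fixed', 'not-listed' or 'unknown' for a version string."""
    parsed = parse_version(text)
    if parsed is None:
        return "unknown"      # never silently treat bad inventory data as safe
    major, minor, maint, _hotfix = parsed
    fixed_maint = FIXED.get((major, minor))
    if fixed_maint is None:
        return "not-listed"   # train not covered by this advisory text
    # A hotfix build of an earlier maintenance release is still prior to the fix.
    return "affected" if maint < fixed_maint else "fixed"

def triage(inventory):
    """Map hostname -> status for a {hostname: version} inventory."""
    return {host: classify(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hostnames and versions are illustrative only).
SAMPLE_INVENTORY = {
    "fw-edge-01": "8.1.15-h3",
    "fw-edge-02": "8.1.16",
    "fw-dc-01": "9.0.8",
    "fw-dc-02": "9.0.9-h1",
    "fw-lab-01": "10.0.2",
    "fw-lab-02": "n/a",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:12} {SAMPLE_INVENTORY[host]:10} {status}")
```

Devices reported as `not-listed` or `unknown` need a manual check against the vendor advisory, since this page only names the 8.1 and 9.0 trains.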