vulnerability

Palo Alto Networks PAN-SA-2017-0030 (CVE-2017-15941): Cross Site Scripting Vulnerability in PAN-OS GlobalProtect

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:N/C:N/I:P/A:N)	Jan 2, 2018	Jan 2, 2018	Nov 27, 2024

Severity

CVSS

(AV:N/AC:M/Au:N/C:N/I:P/A:N)

Published

Jan 2, 2018

Added

Jan 2, 2018

Modified

Nov 27, 2024

Description

Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Solutions

palo-alto-networks-pan-os-upgrade-6-1palo-alto-networks-pan-os-upgrade-7-0palo-alto-networks-pan-os-upgrade-7-1palo-alto-networks-pan-os-upgrade-8-0

References

NVD-CVE-2017-15941
URL-https://securityadvisories.paloaltonetworks.com

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today