Security Advisory

CVE-2023-6789

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-12-13 18:26:30

Last updated 2024-08-02 08:42:07

Assigner palo_alto

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. Then, when viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator.

← Browse all CVEs View on cve.org ↗