Security Advisory

CVE-2024-5906

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-06-12 16:22:38

Last updated 2024-08-01 21:25:03

Assigner palo_alto

State PUBLISHED

Description

A cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to perform actions in the context of another users browser when accessed by that other user.

← Browse all CVEs View on cve.org ↗