Security Advisory

CVE-2025-0104

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-11 03:00:40

Last updated 2025-01-13 19:51:27

Assigner palo_alto

State PUBLISHED

Description

A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.

← Browse all CVEs View on cve.org ↗