GlobalProtect Portal Login page in Palo Alto Networks PAN-OS before 8.1.4 allows an unauthenticated attacker to inject arbitrary JavaScript or HTML.
2018-10-12T22:29:00.623
2024-11-21T03:40:55.037
Modified
CVSSv3.0: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | paloaltonetworks | pan-os | < 6.1.0 | Yes |
| Operating System | paloaltonetworks | pan-os | ≤ 7.0.19 | Yes |
| Operating System | paloaltonetworks | pan-os | < 8.1.4 | Yes |