The PAN-OS response for GlobalProtect Gateway in Palo Alto Networks PAN-OS 6.1.21 and earlier, PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11 and earlier may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML. PAN-OS 8.1 is NOT affected.
[
{
"product": "PAN-OS",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "affected",
"version": "6.1.21 and earlier"
},
{
"status": "affected",
"version": "7.1.18 and earlier"
},
{
"status": "affected",
"version": "8.0.11 and earlier"
}
]
}
]