CVE-2022-0020 Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface

🗓️ 10 Feb 2022 18:10:23Reported by palo_altoType

Stored Cross-Site Scripting (XSS) Vulnerability in Cortex XSOAR Web Interfac

Reporter	Title	Published	Views	Family All 13
0day.today	Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting Vulnerability	8 Apr 202300:00	–	zdt
ATTACKERKB	CVE-2022-0020	9 Feb 202217:00	–	attackerkb
Circl	CVE-2022-0020	10 Feb 202220:17	–	circl
CNNVD	Palo Alto Network Cortex XSOAR 跨站脚本漏洞	9 Feb 202200:00	–	cnnvd
CVE	CVE-2022-0020	10 Feb 202218:10	–	cve
Exploit DB	Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)	8 Apr 202300:00	–	exploitdb
EUVD	EUVD-2022-15241	3 Oct 202520:07	–	euvd
NVD	CVE-2022-0020	10 Feb 202218:15	–	nvd
OSV	CVE-2022-0020	10 Feb 202218:15	–	osv
Palo Alto Networks	Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface	9 Feb 202217:00	–	paloalto

[
  {
    "vendor": "Palo Alto Networks",
    "product": "Cortex XSOAR",
    "versions": [
      {
        "version": "6.5.0 all",
        "status": "unaffected"
      },
      {
        "version": "6.1.0 all",
        "status": "affected"
      },
      {
        "version": "6.2.0",
        "status": "affected",
        "lessThan": "1958888",
        "versionType": "custom",
        "changes": [
          {
            "at": "1958888",
            "status": "unaffected"
          }
        ]
      }
    ]
  }
]

Source	Link
packetstormsecurity	www.packetstormsecurity.com/files/171782/Palo-Alto-Cortex-XSOAR-6.5.0-Cross-Site-Scripting.html
security	www.security.paloaltonetworks.com/CVE-2022-0020

10 Apr 2023 00:00Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.8

EPSS0.01711

CWE-79