CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication

🗓️ 14 Jun 2023 16:31:35Reported by palo_altoType

PAN-OS XSS Vulnerability in Captive Porta

Reporter	Title	Published	Views	Family All 12
Circl	CVE-2023-0010	14 Jun 202320:20	–	circl
CNNVD	Palo Alto Networks PAN-OS 跨站脚本漏洞	14 Jun 202300:00	–	cnnvd
CNVD	Palo Alto Networks PAN-OS Cross-Site Scripting Vulnerability (CNVD-2024-20512)	16 Jun 202300:00	–	cnvd
CVE	CVE-2023-0010	14 Jun 202316:31	–	cve
EUVD	EUVD-2023-12115	3 Oct 202520:07	–	euvd
NVD	CVE-2023-0010	14 Jun 202317:15	–	nvd
OSV	CVE-2023-0010	14 Jun 202317:15	–	osv
Palo Alto Networks	PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication	14 Jun 202316:00	–	paloalto
Tenable Nessus	Palo Alto Networks PAN-OS 8.1.x < 8.1.24 / 9.0.x < 9.0.17 / 9.1.x < 9.1.16 / 10.0.x < 10.0.11 / 10.1.x < 10.1.6 / 10.2.x < 10.2.2 Vulnerability	14 Jun 202300:00	–	nessus
Prion	Cross site scripting	14 Jun 202317:15	–	prion

[
  {
    "defaultStatus": "unaffected",
    "platforms": [
      "Firewall"
    ],
    "product": "PAN-OS",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "11.0"
      },
      {
        "changes": [
          {
            "at": "10.2.2",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.2.2",
        "status": "affected",
        "version": "10.2",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10.1.6",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.1.6",
        "status": "affected",
        "version": "10.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "10.0.11",
            "status": "unaffected"
          }
        ],
        "lessThan": "10.0.11",
        "status": "affected",
        "version": "10.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "9.1.16",
            "status": "unaffected"
          }
        ],
        "lessThan": "9.1.16",
        "status": "affected",
        "version": "9.1",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "9.0.17",
            "status": "unaffected"
          }
        ],
        "lessThan": "9.0.17",
        "status": "affected",
        "version": "9.0",
        "versionType": "custom"
      },
      {
        "changes": [
          {
            "at": "8.1.24",
            "status": "unaffected"
          }
        ],
        "lessThan": "8.1.24",
        "status": "affected",
        "version": "8.1",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Cloud NGFW",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "Prisma Access",
    "vendor": "Palo Alto Networks",
    "versions": [
      {
        "status": "unaffected",
        "version": "All"
      }
    ]
  }
]

Source	Link
security	www.security.paloaltonetworks.com/CVE-2023-0010

14 Jun 2023 16:31Current

5.3Medium risk

Vulners AI Score5.3

CVSS 3.15.4

EPSS0.00817

CWE-79