3 matches found
Palo Alto Expedition < 1.1.13 Cross-Site Scripting Vulnerability (PAN-SA-2019-0009)
A cross-site scripting XSS vulnerability exists in Palo ALto Expedition Migration Tool due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, by convincing a user to click a specially crafted URL, to execute arbitrary...
CVE-2019-1574
CVE-2019-1574 describes a cross-site scripting (XSS) vulnerability in the Palo Alto Networks Expedition Migration Tool (versions up to 1.1.12). An authenticated attacker can craft a link to execute arbitrary JavaScript/HTML in the user’s Devices View due to improper input validation. Affected rel...
Cross-Site Scripting in Expedition Migration Tool
A cross-site scripting XSS vulnerability exist in the Palo Alto Networks Migration Tool “Expedition”. Ref MT-1009/ CVE-2019-1574 Successful exploitation of this issue may allow an authenticated attacker to inject arbitrary JavaScript or HTML in the Devices View. This issue affects Expedition 1.1....