XPath Injection
The Addresses Object parsing function does not properly escape single quotes. Ref PAN-55237/92073/CVE-2016-9149 This post-authentication vulnerability could allow XPath manipulation. This issue affects PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.14...