CVE-2024-0010 - Common Vulnerabilities and Exposures https://www.hacktheforum.com/common-vulnerabilities-and-exposures/cve-2024-0010/ Hack The Forum Discussion Board en Sun, 19 Apr 2026 05:03:33 +0000 wpForo 60 CVE-2024-0010 https://www.hacktheforum.com/common-vulnerabilities-and-exposures/cve-2024-0010/#post-330 Tue, 07 May 2024 12:44:46 +0000 Description

A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of a user’s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft.

References

Required Configuration for Exposure

This issue is applicable only to PAN-OS firewall configurations with a GlobalProtect portal enabled. You can verify whether you have a GlobalProtect portal configured by checking for entries in your firewall web interface (Network > GlobalProtect > Portals).

Severity: MEDIUM

Solution

This issue is fixed in PAN-OS 9.0.17-h4, PAN-OS 9.1.17, PAN-OS 10.1.11-h1, PAN-OS 10.1.12, and all later PAN-OS versions.

 

 

]]> Common Vulnerabilities and Exposures Ivan Lon https://www.hacktheforum.com/common-vulnerabilities-and-exposures/cve-2024-0010/#post-330