Arbitrary JavaScript and HTML Injection in PAN-OS Web Interface Administration Page

Arbitrary JavaScript and HTML Injection in PAN-OS Web Interface Administration Page

CVE-2018-9337 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.

Learn more about our Web App Pen Testing.