Total vulnerabilities in the database
A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user’s browser) if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft.
| Software | From | Fixed in |
|---|---|---|
| paloaltonetworks / pan-os | 10.1.0 | 10.1.3 |
| paloaltonetworks / pan-os | 9.1.0 | 9.1.13 |
| paloaltonetworks / pan-os | 8.1.0 | 8.1.24 |
| paloaltonetworks / pan-os | 9.0.0 | 9.0.17 |
| paloaltonetworks / pan-os | 10.0.0 | 10.0.11 |