PT-2019-2816 · Palo Alto Networks · Palo Alto Networks Traps

Publicado

2019-06-27

Atualizado

2019-07-08

CVE-2019-1577

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Traps versions 5.0.5 and earlier

Description The issue is related to incorrect code generation management in Palo Alto Networks Traps, which may allow an authenticated attacker to inject arbitrary JavaScript or HTML. This could enable a remote attacker to execute arbitrary JavaScript or HTML code.

Recommendations For versions 5.0.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Code Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94

Identificadores relacionados

BDU:2019-02773

CVE-2019-1577

Produtos afetados

Palo Alto Networks Traps

PT-2019-2816 · Palo Alto Networks · Palo Alto Networks Traps

CVE-2019-1577

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6