CVE-2023-6790

Name of the Vulnerable Software and Affected Versions PAN-OS (affected versions not specified)

Description A DOM-Based cross-site scripting (XSS) vulnerability in the PAN-OS software enables a remote attacker to execute a JavaScript payload in the context of an administrator’s browser when they view a specifically crafted link to the PAN-OS web interface. The vulnerability exists due to inadequate protection of the web page structure, allowing an attacker to perform cross-site scripting attacks using a specially crafted link.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.