Palo Alto Networks · Pan-Os · CVE-2024-0010
**Name of the Vulnerable Software and Affected Versions**
PAN-OS (affected versions not specified)
**Description**
A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript in the context of a user’s browser if a user clicks on a malicious link, allowing phishing attacks that could lead to credential theft. The vulnerability is related to the lack of protection of the web page structure.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.