Palo Alto Networks · Pan-Os · CVE-2016-2219
**Name of the Vulnerable Software and Affected Versions**
Palo Alto Networks PAN-OS versions 7.0.1 through 7.0.7
**Description**
A cross-site scripting issue exists in the management interface of the device, allowing remote authenticated users to inject arbitrary web script or HTML. This occurs because data provided by the user is stored without proper sanitization, which can be exploited by tricking an authenticated administrator into injecting malicious JavaScript into the web interface.
**Recommendations**
For versions 7.0.1 through 7.0.7, update to version 7.0.8 or later to resolve the issue.