CVE-2023-6789

Name of the Vulnerable Software and Affected Versions PAN-OS (affected versions not specified)

Description A cross-site scripting (XSS) issue in the PAN-OS software allows a malicious authenticated read-write administrator to store a JavaScript payload using the web interface. When viewed by a properly authenticated administrator, the JavaScript payload executes and disguises all associated actions as performed by that unsuspecting authenticated administrator. The vulnerability is related to the lack of protection of the web page structure, which can be exploited by a remote attacker to perform cross-site scripting attacks.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.