CVE-2024-5920

Palo Alto Networks PAN-OS software is affected by a cross-site scripting (XSS) issue, which allows an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator, who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate administrator's browser. An exploit for this issue is available, with more information accessible at https://t.co/tF8CkcjpgX and https://t.co/RlZWNQvLLs. Unfortunately, the specific versions of the vulnerable software are not mentioned in the provided text. #PaloAltoNetworks #PANOS #XSS #CrossSiteScripting #AuthenticatedXSS #PANOSsoftware #NetworkSecurity #CyberSecurity