{"api_version":"1","generated_at":"2026-04-22T22:57:27+00:00","cve":"CVE-2023-0010","urls":{"html":"https://cve.report/CVE-2023-0010","api":"https://cve.report/api/cve/CVE-2023-0010.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2023-0010","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2023-0010"},"summary":{"title":"CVE-2023-0010","description":"A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user’s browser when they click on a specifically crafted link.","state":"PUBLIC","assigner":"psirt@paloaltonetworks.com","published_at":"2023-06-14 17:15:00","updated_at":"2023-06-22 14:49:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://security.paloaltonetworks.com/CVE-2023-0010","name":"https://security.paloaltonetworks.com/CVE-2023-0010","refsource":"MISC","tags":[],"title":"CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2023-0010","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0010","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2023","cve_id":"10","vulnerable":"1","versionEndIncluding":"10.0.11","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"paloaltonetworks","cpe5":"pan-os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"10","vulnerable":"1","versionEndIncluding":"10.1.6","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"paloaltonetworks","cpe5":"pan-os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"10","vulnerable":"1","versionEndIncluding":"10.2.2","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"paloaltonetworks","cpe5":"pan-os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"10","vulnerable":"1","versionEndIncluding":"8.1.24","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"paloaltonetworks","cpe5":"pan-os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"10","vulnerable":"1","versionEndIncluding":"9.0.17","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"paloaltonetworks","cpe5":"pan-os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2023","cve_id":"10","vulnerable":"1","versionEndIncluding":"9.1.16","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"paloaltonetworks","cpe5":"pan-os","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2023-0010","qid":"730832","title":"Palo Alto Networks (PAN-OS) Reflected Cross-Site Scripting (XSS) Vulnerability (PAN-191662)"}]},"source_records":{"cve_program":{"data_version":"4.0","data_type":"CVE","data_format":"MITRE","CVE_data_meta":{"ID":"CVE-2023-0010","ASSIGNER":"psirt@paloaltonetworks.com","STATE":"PUBLIC"},"description":{"description_data":[{"lang":"eng","value":"A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user’s browser when they click on a specifically crafted link.\n"}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","cweId":"CWE-79"}]}]},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Palo Alto Networks","product":{"product_data":[{"product_name":"PAN-OS","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"status":"unaffected","version":"11.0"},{"changes":[{"at":"10.2.2","status":"unaffected"}],"lessThan":"10.2.2","status":"affected","version":"10.2","versionType":"custom"},{"changes":[{"at":"10.1.6","status":"unaffected"}],"lessThan":"10.1.6","status":"affected","version":"10.1","versionType":"custom"},{"changes":[{"at":"10.0.11","status":"unaffected"}],"lessThan":"10.0.11","status":"affected","version":"10.0","versionType":"custom"},{"changes":[{"at":"9.1.16","status":"unaffected"}],"lessThan":"9.1.16","status":"affected","version":"9.1","versionType":"custom"},{"changes":[{"at":"9.0.17","status":"unaffected"}],"lessThan":"9.0.17","status":"affected","version":"9.0","versionType":"custom"},{"changes":[{"at":"8.1.24","status":"unaffected"}],"lessThan":"8.1.24","status":"affected","version":"8.1","versionType":"custom"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Cloud NGFW","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"status":"unaffected","version":"All"}],"defaultStatus":"unaffected"}}]}},{"product_name":"Prisma Access","version":{"version_data":[{"version_value":"not down converted","x_cve_json_5_version_data":{"versions":[{"status":"unaffected","version":"All"}],"defaultStatus":"unaffected"}}]}}]}}]}},"references":{"reference_data":[{"url":"https://security.paloaltonetworks.com/CVE-2023-0010","refsource":"MISC","name":"https://security.paloaltonetworks.com/CVE-2023-0010"}]},"generator":{"engine":"Vulnogram 0.1.0-dev"},"source":{"defect":["PAN-191662"],"discovery":"EXTERNAL"},"configuration":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>This issue is applicable only to firewalls that are configured to use Captive Portal authentication.</p><p>On PAN-OS 10.0 and later software versions, this issue applies only to firewalls that have also disabled the default token generation for Captive Portal authentication. You can verify that the token is not disabled by running the following command: ‘show deviceconfig setting captive-portal’.</p>"}],"value":"This issue is applicable only to firewalls that are configured to use Captive Portal authentication.\n\nOn PAN-OS 10.0 and later software versions, this issue applies only to firewalls that have also disabled the default token generation for Captive Portal authentication. You can verify that the token is not disabled by running the following command: ‘show deviceconfig setting captive-portal’.\n\n"}],"exploit":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"<p>Palo Alto Networks is not aware of any malicious exploitation of this issue.</p>"}],"value":"Palo Alto Networks is not aware of any malicious exploitation of this issue.\n\n"}],"solution":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, PAN-OS 10.2.2, and all later PAN-OS versions."}],"value":"This issue is fixed in PAN-OS 8.1.24, PAN-OS 9.0.17, PAN-OS 9.1.16, PAN-OS 10.0.11, PAN-OS 10.1.6, PAN-OS 10.2.2, and all later PAN-OS versions."}],"credits":[{"lang":"en","value":"Lockheed Martin Red Team"}],"impact":{"cvss":[{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N","version":"3.1"}]}},"nvd":{"publishedDate":"2023-06-14 17:15:00","lastModifiedDate":"2023-06-22 14:49:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.3,"impactScore":2.7}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"8.1.0","versionEndIncluding":"8.1.24","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.0.0","versionEndIncluding":"9.0.17","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"9.1.0","versionEndIncluding":"9.1.16","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.0.0","versionEndIncluding":"10.0.11","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.1.0","versionEndIncluding":"10.1.6","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*","versionStartIncluding":"10.2.0","versionEndIncluding":"10.2.2","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}