Date Published: 2023-06-26
QID 730832: Palo Alto Networks (PAN-OS) Reflected Cross-Site Scripting (XSS) Vulnerability (PAN-191662)
PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls.
A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user's browser when they click on a specifically crafted link.
Affected Versions:
PAN-OS 8.1 versions earlier than PAN-OS 8.1.24
PAN-OS 9.0 versions earlier than PAN-OS 9.0.17
PAN-OS 9.1 versions earlier than PAN-OS 9.1.16
PAN-OS 10.0 versions earlier than PAN-OS 10.0.11
PAN-OS 10.1 versions earlier than PAN-OS 10.1.6
PAN-OS 10.2 versions earlier than PAN-OS 10.2.2
QID Detection Logic (Authenticated):
This QID looks for the vulnerable version of PAN-OS.
NOTE: This detection is reported as potential because the signature does not check for the Required Configuration for Exposure mentioned in the Palo Alto advisory.
- PAN-191662: security.paloaltonetworks.com/CVE-2023-0010
CVEs related to QID 730832
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| PAN-191662 | | | |