Back to search
CVE-2024-9467
Published: Oct 9, 2024
Modified: Oct 18, 2024
PUBLISHED
Description
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
| Vendor | Product | Versions |
|---|---|---|
Palo Alto Networks | Expedition | affected 1.2.0 - < 1.2.96 |
Weaknesses (CWE)
References
https://security.paloaltonetworks.com/PAN-SA-2024-0010
vendor-advisory
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now