CVE-2022-0020

CVE-2022-0020

A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators who encounter the payload during normal operations.

This issue impacts:
All builds of Cortex XSOAR 6.1.0;
Cortex XSOAR 6.2.0 builds earlier than build 1958888.

Source: CVE-2022-0020

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다