漏洞描述
Palo Alto Networks PAN-OS® 软件的 GlobalProtect™ 网关和门户功能中存在一个反射型跨站点脚本 (XSS)漏洞,当经过身份验证的强制网络门户用户单击特制链接时,该漏洞允许在其浏览器上下文中执行恶意 JavaScript
PAN-OS 反射xss CVE-2025-0133
PoC代码
暂无相关漏洞推荐
- POC CVE-2017-15944: Palo Alto Network PAN-OS - Remote Code Execution
- POC CVE-2018-10141: Palo Alto Networks PAN-OS GlobalProtect <8.1.4 - Cross-Site Scripting
- POC CVE-2020-2036: Palo Alto Networks PAN-OS Web Interface - Cross Site-Scripting
- POC CVE-2024-0012: PAN-OS Management Web Interface - Authentication Bypass
- POC CVE-2024-9474: PAN-OS Management Web Interface - Command Injection
- POC CVE-2025-0108: PAN-OS Management Interface - Path Confusion to Authentication Bypass
- POC CVE-2025-0133: PAN-OS - Reflected Cross-Site Scripting
- POC CVE-2024-0012: Palo Alto Networks PAN-OS身份认证绕过导致RCE漏洞(CVE-2024-0012)
- POC panos-default-login: Palo Alto Networks PAN-OS Default Login
- Palo Alto Networks PAN-OS /ssl-XXX/hipreport.esp 命令执行漏洞(CVE-2024-3400)
- Palo Alto Networks PAN-OS /unauth/%252e%252e/php/ztp_gate.php/PAN_help/x.css 未授权访问漏洞(CVE-2025-0108)
- Palo Alto Networks PAN-OS 身份验证绕过漏洞
- Palo Alto Networks PAN-OS 身份验证绕过漏洞(CVE-2025-0108)