Palo Alto Networks has disclosed a reflected cross-site scripting (XSS) vulnerability in their GlobalProtect gateway that affects several PAN-OS versions, primarily impacting organizations using Clientless VPN. Although rated as LOW severity, proactive patching and configuration changes are recommended to prevent potential credential theft and phishing attacks. #GlobalProtect #PAN-OS #XSSVulnerability
Key points
- The reflected cross-site scripting (XSS) flaw impacts PAN-OS firewalls with GlobalProtect enabled, affecting specific versions prior to updates.
- The vulnerability allows attackers to execute malicious JavaScript in authenticated users' browsers via crafted links.
- Organizations using Clientless VPN face increased risks of session hijacking and credential theft due to this flaw.
- Palo Alto Networks advises upgrading to fixed PAN-OS versions by August 2025 and implementing additional mitigation measures.
- Active exploitation has not been observed, but the public PoC indicates a potential increase in weaponization risks.
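The mechanism behind a reflected XSS flaw, as an added illustration that is not code from Palo Alto Networks, PAN-OS, or the linked article: a hypothetical portal handler echoes a query parameter from the request URL into its HTML response. The `user` parameter name, the sample URL, and the handler functions are constructed for this example; the page does not disclose which GlobalProtect parameter is affected. The unsafe handler reflects the raw value, the hardened one HTML-escapes it and adds a Content-Security-Policy header as defence in depth, and `reflects_verbatim` is a defender-side check that flags a response which echoes HTML-significant input unchanged.

```python
"""Reflected XSS in miniature: untrusted text from the request URL is written
back into the response body. Constructed example, not PAN-OS/GlobalProtect code."""
import html
from typing import Dict, Tuple
from urllib.parse import parse_qs, urlsplit

# Constructed request URL; the "user" query parameter carries attacker-controlled text
# (here a harmless script tag, URL-encoded as a browser would send it in a crafted link).
SAMPLE_URL = "https://vpn.example.test/portal/login?user=%3Cscript%3Ealert(1)%3C%2Fscript%3E"


def get_param(url: str, name: str) -> str:
    """Return the first value of a query parameter, decoded, or '' if absent."""
    query = parse_qs(urlsplit(url).query, keep_blank_values=True)
    return query.get(name, [""])[0]


def render_unsafe(url: str) -> str:
    """Vulnerable pattern: the decoded parameter is interpolated into HTML as-is,
    so any markup in the link executes in the victim's browser."""
    user = get_param(url, "user")
    return f"<p>Welcome back, {user}</p>"


def render_hardened(url: str) -> Tuple[Dict[str, str], str]:
    """Hardened pattern: escape untrusted text for the HTML context it lands in,
    and send a CSP so inline script would be blocked even if escaping were missed."""
    user = html.escape(get_param(url, "user"), quote=True)
    headers = {
        "Content-Type": "text/html; charset=utf-8",
        "Content-Security-Policy": "default-src 'self'; script-src 'self'",
        "X-Content-Type-Options": "nosniff",
    }
    return headers, f"<p>Welcome back, {user}</p>"


def reflects_verbatim(url: str, body: str) -> bool:
    """Defender-side check: does the response echo the raw 'user' value unchanged
    when that value contains HTML-significant characters? True means the handler
    is reflecting input without encoding it."""
    raw = get_param(url, "user")
    return any(c in raw for c in "<>\"'&") and raw in body


if __name__ == "__main__":
    unsafe_body = render_unsafe(SAMPLE_URL)
    print("unsafe  :", unsafe_body, "| reflected:", reflects_verbatim(SAMPLE_URL, unsafe_body))
    headers, safe_body = render_hardened(SAMPLE_URL)
    print("hardened:", safe_body, "| reflected:", reflects_verbatim(SAMPLE_URL, safe_body))
    print("CSP     :", headers["Content-Security-Policy"])
```

The same `reflects_verbatim` check can be run against any parameter-bearing URL and the response it produces during testing of a portal or gateway; a `True` result on input containing `<`, `>`, quotes or `&` is the condition that makes a crafted link dangerous to an authenticated user, and is what vendor patches and output encoding remove.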
Read More: https://gbhackers.com/critical-vulnerability-in-palo-alto-globalprotect-gateway-portal/