CVE-2024-5906
June 12, 2024, 5:15 p.m.
Tags
Product(s) Impacted
Palo Alto Networks Prisma Cloud Compute
Description
A cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to perform actions in the context of another user's browser when accessed by that other user.
Weaknesses
Date
Published: June 12, 2024, 5:15 p.m.
Last Modified: June 12, 2024, 5:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
psirt@paloaltonetworks.com
References
https://security.paloaltonetworks.com/
psirt@paloaltonetworks.com