CVE-2010-0475 – Palo Alto Network Vulnerability - Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2010-0475

Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0.x before 3.0.9 and 3.1.x before 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the role parameter. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en esp/editUser.esp en el firewall Palo Alto Networks 3.0.x en versiones anteriores a la 3.0.9 y 3.1.x en versiones anteriores a la 3.1.1, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro "role". Palo Alto Network suffers from a cross site scripting vulnerability. • https://www.exploit-db.com/exploits/12660 http://archives.neohapsis.com/archives/bugtraq/2010-05/0086.html http://www.jeromiejackson.com/index.php?view=article&id=83:palo-alto-cross-site-scripting-vulnerability&tmpl=component&print=1&layout=default&page= http://www.securityfocus.com/bid/40113 https://exchange.xforce.ibmcloud.com/vulnerabilities/58624 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •