CVE-2023-0010

A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software can allow a JavaScript payload to be executed in the context of an authenticated Captive Portal user’s browser when they click on a specifically crafted link. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt