CVE-2024-0011 Information

Description

A reflected cross-site scripting (XSS) vulnerability in the Captive Portal feature of Palo Alto Networks PAN-OS software enables execution of malicious JavaScript (in the context of an authenticated Captive Portal user’s browser) if a user clicks on a malicious link allowing phishing attacks that could lead to credential theft.

Reference

https://security.paloaltonetworks.com/CVE-2024-0011