CVE-2025-0104 Information

Description

A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.

Reference

https://security.paloaltonetworks.com/PAN-SA-2025-0001