Cross-Site Scripting in Web Interface (PAN-SA-2016-0031)

Last revised: 10/18/2016


The Palo Alto Networks web management interface is vulnerable to a post-authentication persistent cross-site scripting condition in the monitor tab. (Ref # PAN-57659/95895).

Severity: Medium

This issue affects the management interface of the device, where an authenticated administrator could inject malicious JavaScript into the web interface.

Products Affected

PAN-OS 5.0.19 and earlier; PAN-OS 5.1.12 and earlier; PAN-OS 6.0.14 and earlier; PAN-OS 6.1.13 and earlier; PAN-OS 7.0.9 and earlier; PAN-OS 7.1.4 and earlier

Available Updates

PAN-OS 5.0.20 and later; PAN-OS 5.1.13 and later; PAN-OS 6.0.15 and later; PAN-OS 6.1.14 and later; PAN-OS 7.0.10 and later; PAN-OS 7.1.5 and later

Workarounds and Mitigations



Juan Sacco, Exploit Pack.