Last revised: 04/11/2019
A cross-site scripting (XSS) vulnerability exist in the Palo Alto Networks Migration Tool (“Expedition”). (Ref # MT-1009/ CVE-2019-1574)
Expedition 1.1.12 and earlier. Note that this issue only impacts the Palo Alto Networks Migration Tool (“Expedition”), a tool available from the Palo Alto Networks Live site. This issue does not affect PAN-OS or any other supported product or service. For more information on Expedition, see: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool.
Expedition 1.1.13 and later
Palo Alto Networks would like to thank Sayali Kulkarni of Tenable Research for reporting this issue.