VYPR
Unrated severityNVD Advisory· Published Jun 12, 2024· Updated Aug 1, 2024

Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface

CVE-2024-5906

Description

A cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to perform actions in the context of another user's browser when accessed by that other user.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.