Unrated severityNVD Advisory· Published Jun 12, 2024· Updated Aug 1, 2024
Prisma Cloud Compute: Stored Cross-Site Scripting (XSS) Vulnerability in the Web Interface
CVE-2024-5906
Description
A cross-site scripting (XSS) vulnerability in Palo Alto Networks Prisma Cloud Compute software enables a malicious administrator with add/edit permissions for identity providers to store a JavaScript payload using the web interface on Prisma Cloud Compute. This enables a malicious administrator to perform actions in the context of another user's browser when accessed by that other user.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 32
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/CVE-2024-5906mitrevendor-advisory
News mentions
0No linked articles in our index yet.