Medium severity6.1NVD Advisory· Published Jan 11, 2025· Updated Jun 17, 2026
CVE-2025-0104
CVE-2025-0104
Description
A reflected cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition enables attackers to execute malicious JavaScript code in the context of an authenticated Expedition user’s browser if that authenticated user clicks a malicious link that allows phishing attacks and could lead to Expedition browser-session theft.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6(expand)+ 1 more
- (no CPE)
- (no CPE)range: 1
- Range: All
- Range: All
- Range: All
- Range: All
Patches
Vulnerability mechanics
References
1- security.paloaltonetworks.com/PAN-SA-2025-0001nvdVendor Advisory
News mentions
0No linked articles in our index yet.