Palo Alto Networks has disclosed a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2025-0133, affecting the GlobalProtect gateway and portal features of its PAN-OS software. The flaw enables execution of malicious JavaScript in authenticated Captive Portal user browsers when victims click specially crafted links. It poses a significant threat to organizations utilizing the Clientless VPN […]
The post Palo Alto GlobalProtect Vulnerability Enables Malicious Code Execution – PoC Released appeared first on Cyber Security News.
This article has been indexed from Cyber Security News