CVE-2023-6789

Summary

CVE-2023-6789 is a cross-site scripting (XSS) vulnerability affecting Palo Alto Networks PAN-OS software. An authenticated read-write administrator can exploit this issue by injecting a JavaScript payload through the web interface. Once stored, the payload executes when viewed by another properly authenticated administrator, disguising all associated actions as if they were initiated by that administrator. This poses a significant risk as the unsuspecting administrator's credentials and permissions could be misused. The successful exploitation of this vulnerability could lead to unauthorized actions within the network, making it crucial for organizations using the affected PAN-OS software to apply the necessary patches as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.