Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2022-0020Cross-site Scripting in Palo Alto Networks Cortex Xsoar

CWE-79Cross-site Scripting6 documents6 sources
Severity
5.4MEDIUMNVD
CNA6.8
EPSS
1.0%
top 22.92%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Palo Alto Networks Cortex XsoarPaloaltonetworks Cortex XsoarPaloalto Cortex Xsoar
Timeline
PublishedFeb 10
Latest updateApr 8

Description

A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to store a persistent javascript payload that will perform arbitrary actions in the Cortex XSOAR web interface on behalf of authenticated administrators who encounter the payload during normal operations. This issue impacts: All builds of Cortex XSOAR 6.1.0; Cortex XSOAR 6.2.0 builds earlier than build 1958888.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:NExploitability: 2.3 | Impact: 2.7

Affected Packages3 packages

CVEListV5palo_alto_networks/cortex_xsoar6.2.01958888+1
NVDpaloaltonetworks/cortex_xsoar6.1.0, 6.2.0+1

🔴Vulnerability Details

2
GHSA
GHSA-p58g-823f-vq5p: A stored cross-site scripting (XSS) vulnerability in Palo Alto Network Cortex XSOAR web interface enables an authenticated network-based attacker to s2022-02-11
CVEList
Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface2022-02-10

💥Exploits & PoCs

1
Exploit-DB
Palo Alto Cortex XSOAR 6.5.0 - Stored Cross-Site Scripting (XSS)2023-04-08

📋Vendor Advisories

2
VMware
VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities2022-07-12
Palo Alto
Cortex XSOAR: Stored Cross-Site Scripting (XSS) Vulnerability in Web Interface2022-02-09
CVE-2022-0020 — Cross-site Scripting in Palo | cvebase