Palo Alto Networks Security Advisory - PAN-SA-2018-0003

[icecream-guy]

Summary
A Cross-Site Scripting (XSS) vulnerability exists in the PAN-OS session browser (Ref # PAN-OS 90835, CVE-2018-7636). PAN-OS software does not properly validate specific request parameters.

Severity: Medium
Successful exploitation of this issue may allow an attacker to inject arbitrary JavaScript or HTML.

Products Affected
PAN-OS 8.0.10 and earlier

Available Updates
PAN-OS 8.0.11 and later

Workarounds and Mitigations
N/A

Acknowledgements
Palo Alto Networks would like to thank Ayushman Dutta for reporting this issue.

[SofaKing]

Thanks - as if I didn't already have enough to do   Here's some additional information -

The URL Filtering 'continue page' and 'admin override page' does not properly filter HTML code from user-supplied input before displaying the input. A remote user can cause arbitrary scripting code to be executed by the target user's browser. The code will originate from the Palo Alto PAN-OS interface and will run in the security context of that site. As a result, the code will be able to access the target user's cookies (including authentication cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or take actions on the site acting as the target user.

A remote user can access the target user's cookies (including authentication cookies), if any, associated with the Palo Alto PAN-OS interface, access data recently submitted by the target user via web form to the interface, or take actions on the interface acting as the target user.
https://securitytracker.com/id/1041207


Looks like this is only an issue if you use URL Filtering continue or overide.  Unfortunately we do have both of thee applied for a few of the URL Filtering categories.

[deanwebb]

Still, it's an issue you can identify and correct for. That is a *good* issue.