CVE-2020-2005
Description
A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the users active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.0.
Risk Information
Base Score
6.1
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS Score
Exploitation Probability
0.504
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities affected in pan-os 8.0.18 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.17 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.16 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.15 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.14 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.24 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.13 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.10 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.9-h4 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.9 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.3 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.5 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.4-h2 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.4 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.19 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.8 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.7 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.5 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.4-h2 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.3-h4 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.1 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.8 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.6 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.0 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.0 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.11 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.6-h2 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.6 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.1 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.9 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.6 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.2 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.17 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.4-h2 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.4 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.3 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.2 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.1 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.0 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.4 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.8-h4 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.8 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.7 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.2 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.11 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.10 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.25 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.18 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.11 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.5 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.2-h4 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.2 | NCM |
| Multiple Vulnerabilities affected in pan-os 9.0.1 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.12 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.9 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.8-h5 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.20 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.6-h3 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.14 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.1.3 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.13 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.12 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.11-h1 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.4 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.3 | NCM |
| Multiple Vulnerabilities affected in pan-os 8.0.0 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.23 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.22 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.21 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.20 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.19 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.16 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.15 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.12 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.7 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.6 | NCM |
| Multiple Vulnerabilities affected in pan-os 7.1.5 | NCM |
| Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability (CVE-2020-2005) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234