CVE-2019-1574

medium

Description

Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.

References

https://security.paloaltonetworks.com/CVE-2019-1574

http://www.securityfocus.com/bid/107900

Details

Source: Mitre, NVD

Published: 2019-04-12

Updated: 2019-04-15

Risk Information

CVSS v2

Base Score: 3.5

Vector: CVSS2#AV:N/AC:M/Au:S/C:N/I:P/A:N

Severity: Low

CVSS v3

Base Score: 5.4

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Severity: Medium