Loading
Generated remediation guidance and an executive summary. No account required.
A cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-write Panorama administrator to push a specially crafted configuration to a PAN-OS node. This enables impersonation of a legitimate PAN-OS administrator who can perform restricted actions on the PAN-OS node after the execution of JavaScript in the legitimate PAN-OS administrator's browser.
Use CWE-79, Paloaltonetworks vendor hub and Pan-Os product page to widen CVE-2024-5920 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2024-0012, CVE-2025-0108 and CVE-2024-3393 for nearby disclosures in the same product family.