Palo Alto Networks MineMeld 0.9.60 Remote Code Injection Vulnerability

Summary

Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and earlier may allow an authenticated attacker to inject arbitrary JavaScript or HTML.

Credit:

The information has been provided by Vendor

The original article can be found at:

https://securityadvisories.paloaltonetworks.com/Home/Detail/152


Details

Palo Alto Networks Traps is prone to an unspecified code injection vulnerability.An attacker may leverage this issue to execute arbitrary script or HTML code in the browser of an unsuspecting user in the context of the affected application. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Vulnerable Systems:
Paloaltonetworks MineMeld 0.9.60

CVE Information:
CVE-2019-1577

Disclosure Timeline:
07/01/2019