CVE-2019-1574 Cross-Site Scripting in Expedition Migration Tool
A cross-site scripting (XSS) vulnerability exist in the Palo Alto Networks Migration Tool (“Expedition”). (Ref # MT-1009/ CVE-2019-1574)
This issue affects Expedition 1.1.12 and earlier.
Note that this issue only impacts the Palo Alto Networks Migration Tool (“Expedition”), a tool available from the Palo Alto Networks Live site. This issue does not affect PAN-OS or any other supported product or service. For more information on Expedition, see: https://live.paloaltonetworks.com/t5/Expedition-Migration-Tool/ct-p/migration_tool.
|Expedition 1.1||<= 1.1.12||>= 1.1.13|
CVSSv3.1 Base Score: 5.4 (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)
Expedition 1.1.13 and later
Workarounds and Mitigations