CVE-2026-0279
PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
Multiple cross site scripting vulnerabilities in the User-ID™ Authentication Portal (aka Captive Portal) service, GlobalProtect™ gateway/portal features and Clientless VPN of Palo Alto Networks PAN-OS® software enables a malicious unauthenticated user to store or execute malicious JavaScript payload. The security risk posed by this issue is minimized when the management interface and access to the User-ID™ Authentication Portal is restricted to only trusted internal IP addresses according to our recommended best practice deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW is not affected by this vulnerability.
| CWE | CWE-79 |
| Vendor | palo alto networks |
| Product | cloud ngfw |
| Published | Jul 9, 2026 |
| Last Updated | Jul 9, 2026 |
Get instant alerts for palo alto networks cloud ngfw
Be the first to know when new unknown vulnerabilities affecting palo alto networks cloud ngfw are published — delivered to Slack, Telegram or Discord.