Vulnerabilities > Paloaltonetworks > Expedition Migration Tool > 1.1.8
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-02-12 | CVE-2020-1977 | Cross-Site Request Forgery (CSRF) vulnerability in Paloaltonetworks Expedition Migration Tool Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. | 8.8 |
2019-04-12 | CVE-2019-1574 | Cross-site Scripting vulnerability in Paloaltonetworks Expedition Migration Tool Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View. | 5.4 |