Palo Alto Networks Prisma Access Browser < 130.59.2920.7 - Unauthorised Bypass of Cross-Site Protection Mechanism (CVE-2024-10229)

Description

Inappropriate implementation in Extensions in Palo Alto Networks Prisma Access Browser < 130.59.2920.7 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension.

Remediation

Update to the latest version.

References

https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html
https://issues.chromium.org/issues/371011220

Risk

Impact: Unknown
Probability: Unknown
CVSS v4 Score: —
CVSS v3 Score: —
CVSS v2 Score: —
EPSS: 0.1 %

Versions

Affected Versions

Information

Category: —
CWE
CVE
Known Exploitation Activity

OWASP

OWASP 2013: Unknown
OWASP 2017: Unknown
OWASP 2021: Unknown