VDB
H1-3206013
H1-3206013
PUBLISHED
Reflected XSS via user parameter on getconfig.esp endpoint
Exploit Intelligence
- CVE-2025-0133 Scanner | Palo Alto GlobalProtect XSS Checker (github-poc-repo)
- CVE-2025-0133 Scanner | Palo Alto GlobalProtect XSS Checker (github-poc)
- Scope-aware bug bounty pipeline for CVE-2025-0133 (Palo Alto PAN-OS GlobalProtect reflected XSS). Shodan → H1/BC scope match → safe canary validation → report drafts. (github-poc-repo)
- Scope-aware bug bounty pipeline for CVE-2025-0133 (Palo Alto PAN-OS GlobalProtect reflected XSS). Shodan → H1/BC scope match → safe canary validation → report drafts. (github-poc)
- CVE-2025-0133 Exploit (github-poc)
- shawarkhanethicalhacker/CVE-2025-0133-exploit (github-poc)
- Reflected XSS vulnerability found in Palo Alto GlobalProtect Gateway & Portal. Attackers can inject malicious scripts via crafted requests. (github-poc)
- Palo Alto - Global Protect - Reflected XSS (github-poc)
- CVE-2025-0133 GlobalProtect XSS (github-poc)
- dodiorne/cve-2025-0133 (github-poc)
…and 5 more exploits
Timeline
- Jan 12, 2026 CVE Published
- Jan 12, 2026 PoC Published