H1-3238607

Exploit Intelligence

• Scope-aware bug bounty pipeline for CVE-2025-0133 (Palo Alto PAN-OS GlobalProtect reflected XSS). Shodan → H1/BC scope match → safe canary validation → report drafts. (github-poc-repo)
• Scope-aware bug bounty pipeline for CVE-2025-0133 (Palo Alto PAN-OS GlobalProtect reflected XSS). Shodan → H1/BC scope match → safe canary validation → report drafts. (github-poc)
• CVE-2025-0133 Exploit (github-poc)
• shawarkhanethicalhacker/CVE-2025-0133-exploit (github-poc)
• Reflected XSS vulnerability found in Palo Alto GlobalProtect Gateway & Portal. Attackers can inject malicious scripts via crafted requests. (github-poc)
• Palo Alto - Global Protect - Reflected XSS (github-poc)
• CVE-2025-0133 GlobalProtect XSS (github-poc)
• dodiorne/cve-2025-0133 (github-poc)
• Reflected XSS Vulnerability in SSL VPN Endpoint — CVE-2025-0133 (hackerone)
• Reflected XSS Vulnerability in SSL VPN Endpoint — CVE-2025-0133 (hackerone)

…and 3 more exploits

Timeline

• Jan 12, 2026 CVE Published
• Jan 12, 2026 PoC Published

References

• Reflected XSS Vulnerability in SSL VPN Endpoint — CVE-2025-0133 advisory