Jquery Version - JQuery 1.2 < 3.5.0 Multiple XSS

Hi team

We received this vulnerability in the report by our vendor for our PA
"According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, theref

Minemeld Indicators Number not equal Firewall DAG Members List

Hi everyone,

I tried to reference all the Windows RODC (Read-Only Domain Controllers) using a custom script. The script is working fine : it queries our Active Directory, and returns a JSON list of RODC. Each indicator listed by the script looks li

Minemeld taking up a lot of disk space opt/minemeld/local/trace/*

/opt ( 5 Gb )  is running at 80% full, most of which is consumed by /opt/minemeld/local/trace/*.

Can some housekeeping be done or do we need to expand the storage, is it just an area that going to grow and grow ?

Is there a Housekeeping job tha

False positive alerts

A very high quantity of botnet false alerts being reported on our appliance. Using 9.1.3.

Botnet report alerts as noted below:

Repeatedly visited (10) the same URL 216.58.199.36/

Repeatedly visited (30) the same URL 142.250.66.164/

Repeatedly visited (

Wildfire submittion issue

we have seen in wildfire  the same file (i have verified the file hash available in wildfire cloud) is submitting multiple tiles even after the verdict is malicious from old wildfire submission.
ie, wildfire dynamic update is configured for every minu

Panorama: PDF export full of HTML code

Update 2:  This is almost completely fixed in 8.1.16, with only one column showing [object Object] instead of a value.  See this post for details.

Update 1:  This is still not fixed in 8.1.12, although the issue is slightly different.  See this post 

IP is getting Registered with TAG Name,but I don't find the IP in DAG

Hi,

I am testing some scenario and I see the ip is getting registered with TAG  but i don't see it in DAG.

palo-alto-panos-9.0> show object registered-ip tag test

registered IP Tags
---------------------------------------- -----------------

9.9.9.3 #
"t

Can we remove URL indicators with specific keyword ?

Hello,

I am trying to push Cofense indicators to different devices, but want to exclude some URLs as those are not accepted by the devices.

I want to ignore URLs with sign "√" and "@" in domain.

http://google.com@ashousingcompany.com/www/?
http://googl

Global protect and HA3 with session owner as primary device.

I have an active/active global protect configuration with the session owner set as primary-device.

1 portal

2 gateways

I can connect to either PA with the client but traffic will not route outside of the secondary PA. I can ping every interface on the

reCaptcha and Restricted Internet Users

Due to the recent COVID crisis, our users are asked to login to a website prior to coming into work to "validate" that they do not have COVID symptoms or been in contact with anyone who has COVID.

There are some users who are unable to do this prior