Exploit for CVE-2025-0133

## https://sploitus.com/exploit?id=77F0BBE0-5AD2-56A7-915D-D965F73CE825
# CVE-2025-0133 Reflected XSS Detection Tool

**Author**: Derek Odiorne  
**Date**: 2025-05-23  
**Severity**: Medium  
**Tested Against**: Palo Alto Networks GlobalProtect Portal (PAN-OS)

---

## 📌 Summary

This script performs **safe, authorized testing** for the vulnerability **CVE-2025-0133**, a reflected Cross-Site Scripting (XSS) issue in the **GlobalProtect portal and gateway login pages** of Palo Alto Networks' PAN-OS software.

The tool tests multiple common parameters with two context-specific payloads:
- **HTML context** (`<script>alert()</script>`)
- **JavaScript string context** (`j\";-alert()...`)

The results are colorized for clarity and saved in a timestamped log file.

---

## 🚨 Vulnerability Overview

- **CVE ID**: [CVE-2025-0133](https://security.paloaltonetworks.com/CVE-2025-0133)
- **Component**: PAN-OS (GlobalProtect Portal / Gateway)
- **Vulnerability**: Reflected XSS
- **Impact**: JavaScript execution in the context of an authenticated user
- **Exploit Method**: Maliciously crafted query parameter in a login URL

---

## 🧪 Usage

### Prerequisites

- Python 3.x
- `requests`
- `colorama`

Install dependencies (if needed):

```bash
pip install requests colorama