CVE-2015-2223

Palo Alto Networks Traps 3.1.2.1546 - Cross-Site Scripting via SOAP Request Parameters

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-2223. PoCs published by Michael Hendrickx.

AI-analyzed exploit summary This Ruby script demonstrates a stored XSS vulnerability in Palo Alto Traps Server (CVE-2015-2223) by sending a malicious SOAP request with embedded JavaScript in the <b:Arguments>, <b:FileName>, and <b:URL> parameters. The script targets the Traps Server on port 2125 and injects XSS payloads that execute when viewed by an administrator.

Description

Multiple cross-site scripting (XSS) vulnerabilities in the web-based console management interface in Palo Alto Networks Traps (formerly Cyvera Endpoint Protection) 3.1.2.1546 allow remote attackers to inject arbitrary web script or HTML via the (1) Arguments, (2) FileName, or (3) URL parameter in a SOAP request.

Exploits (1)

exploitdb WORKING POC

by Michael Hendrickx · rubywebappswindows

https://www.exploit-db.com/exploits/36580

View Code ZIP pw:eip

This Ruby script demonstrates a stored XSS vulnerability in Palo Alto Traps Server (CVE-2015-2223) by sending a malicious SOAP request with embedded JavaScript in the <b:Arguments>, <b:FileName>, and <b:URL> parameters. The script targets the Traps Server on port 2125 and injects XSS payloads that execute when viewed by an administrator.

Classification

Working Poc 100%

Attack Type

Xss

Complexity

Trivial

Reliability

Reliable

Target: Palo Alto Traps Server (formerly Cyvera Endpoint Protection) 3.1.2.1546

No auth needed

Prerequisites: Network access to the Traps Server on port 2125

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq

http://www.securityfocus.com/archive/1/535113/100/0/threaded

Exploit x_refsource_misc

http://packetstormsecurity.com/files/131182/Palo-Alto-Traps-Server-3.1.2.1546-Cross-Site-Scripting.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/73704

Various Sources x_refsource_confirm

https://security.paloaltonetworks.com/CVE-2015-2223

Scores

EPSS 0.0404

EPSS Percentile 89.3%

Details

CWE

CWE-79

Status published

Products (1)

palo_alto_networks/traps 3.1.2.1546

Published Apr 14, 2015

Tracked Since Feb 18, 2026