Below vulnerability reported on VAPT.  Plugin Name - JQuery 1.2 < 3.5.0 Multiple XSS CVE-Combined - CVE-2020-11022,CVE-2020-11023 Synopsis - The remote web server is affected by multiple cross site scripting  vulnerability. Description -  According to the self-reported version in the script, the version of JQuery hosted on the remote web server is greater than or equal to 1.2 and prior to 3.5.0. It is, therefore, affected by multiple cross site scripting vulnerabilities. Note, the vulnerabilities referenced in this plugin have no security impact on PAN-OS, and/or the scenarios required for successful exploitation do not exist on devices running a PAN-OS release. Solution - Upgrade to JQuery version 3.5.0 or later. See also - https://blog.jquery.com/2020/04/10/jquery-3-5-0-released/ https://security.paloaltonetworks.com/PAN-SA-2020-0007   Plugin Output--- URL : http://x.x.x.x/third_party/jquery/jquery-1.10.1.min.js Installed version : 1.10.1 Fixed version : 3.5.0   Wondering if above vulnerability is applicable for Product Model - MS425-16 &  firmware 12.28, anyone please help on this. Also share if any other document available which describes more about this vulnerability in Meraki platform. ... View more