A vulnerability profile on the Palo Alto Networks device is configured and added to a security policy. This document describes how to check if the vulnerabilities are being caught and the logs are being triggered in the threat logs under the monitor tab.
Details
Go to any http site with a search bar.
Enter the following in the search bar: <script>test</script>. Then, click the search button.
A vulnerability log should be generated under the threat log. This shows that the vulnerability profile is working properly and generating log entries.
NOTE: If you are unable to find a http site which has a search bar then trying with https sites won't generate the same result if you are not using SSL decryption. In this case, as mentioned above if you do not have SSL decryption enabled, for the same purpose of testing whether the Vulnerability Profile will be matching a signature we can use a simple test as below:
Navigate to a site which will never redirect to https and simulate as if we are trying to access sensitive info as shown in the screenshots
Go to the threat logs to find that TID 35107 is triggering as in the screenshot below: