10 matches found
CVE-2025-59998
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Archive Log screen that, when visited by another user, enables the attacker to execute commands with the target's...
CVE-2025-59993
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Space Node Setting fields that, when visited by another user, enable the attacker to execute commands with the target...
EUVD-2025-33371
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's...
EUVD-2025-33375
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Management pages that, when visited by another user, enable the attacker to execute commands with the target's...
EUVD-2025-33380
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the arbitrary device search field that, when visited by another user, enables the attacker to execute commands with the...
CVE-2025-59991
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Management pages that, when visited by another user, enable the attacker to execute commands with the target's...
CVE-2025-59985
An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in a field on the Purging Policy page that, when visited by another user, enables the attacker to execute commands with the...
CVE-2025-59996
The CVE-2025-59996 issue affects Juniper Networks Junos Space versions prior to 24.1R4, where an Improper Neutralization of Input During Web Page Generation enables cross-site scripting in the Configuration View page. Exploitation would allow an attacker to inject script tags that, when a second ...
CVE-2025-59985
Juniper Junos Space prior to 24.1R4 is affected by CVE-2025-59985 due to improper input neutralization during web page generation on the Purging Policy page, allowing injection of script tags that can execute commands with the target user’s permissions (potentially admin). The issue is a client-f...
CVE-2025-59974
CVE-2025-59974 is a stored cross-site scripting (XSS) vulnerability in Juniper Networks’ Junos Space Security Director. The issue arises from improper input neutralization during web page generation, allowing an attacker to inject scripts that are stored and later executed in other users’ browser...