3 matches found
Juniper JSA10979
The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the JSA10979 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version numbe...
CVE-2020-1607 Junos OS: Cross-Site Scripting (XSS) in J-Web
Insufficient Cross-Site Scripting XSS protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user's J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3...
CVE-2020-1607
CVE-2020-1607 is a Junos OS/J-Web cross-site scripting vulnerability. The root cause is insufficient XSS protection in J-Web, allowing a remote attacker to inject scripts or HTML to hijack an authenticated user’s J-Web session and perform admin actions. Affected software ranges are extensive, inc...