CVE-2025-59974

Critical CVSS: 9.3

An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Junos Space Security Director allows an attacker to inject malicious scripts into the application, which are then stored and executed in the context of other users' browsers when they access affected pages.This issue affects Juniper Security Director:

* All versions before 24.1R4.

Vendor

Juniper

Product

Space Security Director

CWE

CWE-79

Yayın Tarihi

2025-10-09 16:15:46

Güncelleme

2026-01-23 19:59:02

Source Identifier

sirt@juniper.net

KEV Date Added

Kategoriler

CWE-79 Space Security Director CRITICAL Juniper 2025

Referanslar

https://supportportal.juniper.net/JSA103139

Benzer Kayıtlar

Critical

CVE-2026-21902

An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juni…

High

CVE-2026-21918

A Double Free vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX and MX Series allo…

High

CVE-2026-21920

An Unchecked Return Value vulnerability in the DNS module of Juniper Networks Junos OS on SRX Series allows an unauthent…

High

CVE-2026-21921

A Use After Free vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS and Junos OS Evolved allows…

High

CVE-2026-21911

An Incorrect Calculation vulnerability in the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS E…

Medium

CVE-2026-21912

A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in the method to collect FPC Ethernet firmware statist…