Unrated severityNVD Advisory· Published Oct 9, 2025· Updated Feb 26, 2026
Junos Space: Stored cross-site scripting vulnerability in web application
CVE-2025-59978
Description
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to store script tags directly in web pages that, when viewed by another user, enable the attacker to execute commands with the target's administrative permissions. This issue affects all versions of Junos Space before 24.1R4.
Affected products
2<24.1R4+ 1 more
- (no CPE)range: <24.1R4
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- supportportal.juniper.net/JSA103140mitrevendor-advisory
News mentions
0No linked articles in our index yet.