Unrated severityNVD Advisory· Published Oct 9, 2025· Updated Oct 9, 2025
Junos Space: Space Node Setting fields are vulnerable to reflected cross-site script injection
CVE-2025-59993
Description
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Space Node Setting fields that, when visited by another user, enable the attacker to execute commands with the target's permissions, including an administrator. This issue affects all versions of Junos Space before 24.1R4.
Affected products
2<24.1R4+ 1 more
- (no CPE)range: <24.1R4
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- supportportal.juniper.net/JSA103140mitrevendor-advisory
News mentions
0No linked articles in our index yet.