Unrated severityNVD Advisory· Published Oct 9, 2025· Updated Oct 9, 2025
Junos Space: Quick Template page is vulnerable to reflected cross-site script injection
CVE-2025-59994
Description
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Quick Template page that, when visited by another user, enables the attacker to execute commands with the target's permissions, including an administrator. This issue affects all versions of Junos Space before 24.1R4.
Affected products
2<24.1R4+ 1 more
- (no CPE)range: <24.1R4
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1- supportportal.juniper.net/JSA103140mitrevendor-advisory
News mentions
0No linked articles in our index yet.