CVE-2013-5095

Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.

Published: Aug 16, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-5095
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
juniper / junos_space	11.1	11.1.x
juniper / junos_space	11.2	11.2.x
juniper / junos_space	11.3	11.3.x
juniper / junos_space	11.4	11.4.x
juniper / junos_space	12.1	12.1.x
juniper / junos_space	12.2	12.2.x
juniper / junos_space	12.3	12.3.x

http://kb.juniper.net/JSA10585
http://www.securitytracker.com/id/1028923

Vulnerability Database

289,697

CVE-2013-5095