CVE-2013-5095 — Cross-site Scripting in Juniper Junos Space

CWE-79 — Cross-site Scripting4 documents4 sources
Severity
4.3MEDIUMNVD
EPSS
0.3%
top 50.30%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Juniper Junos Space
Timeline
PublishedAug 16
Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in other contexts, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka PR 884469.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

â–¶NVDjuniper/junos_space7 versions+6

🔴Vulnerability Details

2
GHSA
GHSA-4c62-8fp4-qrg8: Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13↗2022-05-17
â–¶
CVEList
CVE-2013-5095: Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13↗2013-08-16
â–¶

📋Vendor Advisories

1
Juniper
CVE-2013-5095: Cross-site scripting (XSS) vulnerability in the web-based interface in Juniper Junos Space before 13.1R1.6, as used on the JA1500 appliance and in oth↗2013-08-16
â–¶
CVE-2013-5095 — Cross-site Scripting in Juniper | cvebase