Juniper Networks Junos Space Security Director vulnerabilities

CVE-2025-59974 [CRITICAL] CWE-79 CVE-2025-59974: An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilit An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Junos Space Security Director allows an attacker to inject malicious scripts into the application, which are then stored and executed in the context of other users' browsers when they access affected pages.This issue affects Juniper Security Dir

CVE-2025-59968 [HIGH] CWE-862 CVE-2025-59968: A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows a A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that should otherwise be blocked by policy, effectively bypassi

CVE-2018-0047 [HIGH] CWE-79 CVE-2018-0047: A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Dir A persistent cross-site scripting vulnerability in the UI framework used by Junos Space Security Director may allow authenticated users to inject persistent and malicious scripts. This may allow stealing of information or performing actions as a different user when other users access the Security Director web interface. This issue affects all versions of