5.1
CVE-2025-59987 - Junos Space: The arbitrary device search field is vulnerable to reflected cross-site script injecti…
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the arbitrary device search field that, when visited by another user, enables the attacker to execute commands with the t…
5.1
CVE-2025-59986 - Junos Space: Input fields in Model Devices are vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the input fields in Model Devices that, when visited by another user, enables the attacker to execute commands with the t…
5.1
CVE-2025-59985 - Junos Space: Purging Policy field is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in a field on the Purging Policy page that, when visited by another user, enables the attacker to execute commands with the …
5.1
CVE-2025-59984 - Junos Space: Global Search is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in Global Search that, when visited by another user, enables the attacker to execute commands with the target's permissions,…
5.1
CVE-2025-59983 - Junos Space: Template Definition page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Template Definition page, when visited by another user, enables the attacker to execute commands with the target's p…
5.1
CVE-2025-59982 - Junos Space: Dashboard Search field is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the dashboard search field that, when visited by another user, enables the attacker to execute commands with the target's…
5.1
CVE-2025-59981 - Junos Space: Device Template Definition page is vulnerable to reflected cross-site script injection
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the…
6.9
CVE-2025-59980 - Junos OS: When a user with the name ftp or anonymous is configured unauthenticated filesystem acces…
An Authentication Bypass by Primary Weakness in the FTP server of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to get limited read-write access to files on the device. When the FTP server is enabled and a user named "ftp" or "anonymous" is configured, that user can l…
9.4
CVE-2025-59978 - Junos Space: Stored cross-site scripting vulnerability in web application
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Juniper Networks Junos Space allows an attacker to store script tags directly in web pages that, when viewed by another user, enable the attacker to execute commands with the target's administra…
7.1
CVE-2025-59976 - Junos Space: Arbitrary file download vulnerability in web interface
An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file pat…