CVE-2013-6956

Name of the Vulnerable Software and Affected Versions Junos Pulse Secure Access Service versions prior to 7.1r17 Junos Pulse Secure Access Service versions 7.3 prior to 7.3r8 Junos Pulse Secure Access Service versions 7.4 prior to 7.4r6 Junos Pulse Secure Access Service versions 8.0 prior to 8.0r1

Description A cross-site scripting (XSS) issue exists in the Secure Access Service Web rewriting feature of Junos Pulse Secure Access Service, allowing remote authenticated users to inject arbitrary web script or HTML via unspecified vectors when web rewrite is enabled.

Recommendations For versions prior to 7.1r17, update to version 7.1r17 or later. For versions 7.3 prior to 7.3r8, update to version 7.3r8 or later. For versions 7.4 prior to 7.4r6, update to version 7.4r6 or later. For versions 8.0 prior to 8.0r1, update to version 8.0r1 or later.