CVE-2025-59995

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4

Description An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') issue exists in Juniper Networks Junos Space. This allows an attacker to inject script tags into the Quick Template page. When another user visits this page, the attacker can execute commands with the target's permissions, potentially including administrator privileges. The issue involves the injection of script tags during web page generation.

Recommendations Update to Junos Space version 24.1R4 or later.