CVE-2025-59999

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4

Description An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') issue exists in Juniper Networks Junos Space. This allows an attacker to inject script tags into the API Access Profiles page. When another user visits this page, the attacker can execute commands with the target user's permissions, potentially including administrator privileges. The issue involves the injection of script tags during web page generation.

Recommendations Update to Junos Space version 24.1R4 or later.