CVE-2025-60002

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 24.1R4

Description An issue exists in Juniper Networks Junos Space that allows an attacker to inject script tags into the Template Definitions page. When another user visits this page, the attacker can execute commands with the target user's permissions, potentially including administrator privileges. The issue is due to improper neutralization of input during web page generation, leading to a Cross-site Scripting condition.

Recommendations Update to Junos Space version 24.1R4 or later.