Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2009-3485

Published: 30/09/2009 Updated: 05/10/2009
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Junos

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to the default URI.

Vulnerable Product Search on Vulmon Subscribe to Product

juniper junos 9.0

juniper junos 8.5

Exploits

Exploit DB: Juniper Junos 8.5/9.0 J - Web Interface 'PATH_INFO' Cross-Site Scripting
source: wwwsecurityfocuscom/bid/36537/info Juniper Networks JUNOS is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data to J-Web (Juniper Web Management) Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially ...

References

CWE-79http://www.vupen.com/english/advisories/2009/2784http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr09-08http://secunia.com/advisories/36829http://www.securityfocus.com/bid/36537https://nvd.nist.govhttps://www.exploit-db.com/exploits/33257/
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook