A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions before 6.3.0r26.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper netscreen screenos 6.3.0r4 |
||
juniper netscreen screenos 6.3.0r6 |
||
juniper netscreen screenos 6.3.0r13 |
||
juniper netscreen screenos 6.3.0r15 |
||
juniper netscreen screenos 6.3.0r21 |
||
juniper netscreen screenos 6.3.0r23 |
||
juniper netscreen screenos 6.3.0 |
||
juniper netscreen screenos 6.3.0r1 |
||
juniper netscreen screenos 6.3.0r2 |
||
juniper netscreen screenos 6.3.0r16 |
||
juniper netscreen screenos 6.3.0r17 |
||
juniper netscreen screenos 6.3.0r18 |
||
juniper netscreen screenos 6.3.0r19 |
||
juniper netscreen screenos 6.3.0r8 |
||
juniper netscreen screenos 6.3.0r9 |
||
juniper netscreen screenos 6.3.0r10 |
||
juniper netscreen screenos 6.3.0r11 |
||
juniper netscreen screenos 6.3.0r24 |
||
juniper netscreen screenos 6.3.0r24b1 |
||
juniper netscreen screenos 6.3.0r25 |
||
juniper netscreen screenos 6.3.0r3 |
||
juniper netscreen screenos 6.3.0r5 |
||
juniper netscreen screenos 6.3.0r7 |
||
juniper netscreen screenos 6.3.0r12 |
||
juniper netscreen screenos 6.3.0r14 |
||
juniper netscreen screenos 6.3.0r22 |
||
juniper netscreen screenos 6.3.0r23b1 |