VDB

GCVE-110-NCSC-2025-308

GCVE-110-NCSC-2025-308
Advisory PublishedCVSS 6.1/10
Vulnetix · Advisory published October 13, 2025
A Cross-site Scripting vulnerability in Juniper Networks Junos Space allows script injection in Global Search, potentially enabling command execution with the target's permissions, affecting all versions prior to 24.1R4.

Weaknesses (CWE)

CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Risk Scores

CVSS 3.1
6.1/10
Medium · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products

VendorProductVersionsPlatforms
Juniper Networksvers:unknown/*

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,040 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›