VDB
GCVE-110-NCSC-2025-308
GCVE-110-NCSC-2025-308
Advisory PublishedCVSS 6.1/10
A Cross-site Scripting vulnerability in Juniper Networks Junos Space allows script injection in Global Search, potentially enabling command execution with the target's permissions, affecting all versions prior to 24.1R4.
Weaknesses (CWE)
CWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Risk Scores
CVSS 3.1
6.1/10
Medium · CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Juniper Networks | vers:unknown/* | — | — |
Aliases
CVE-2025-59978CVE-2025-59981CVE-2025-59982CVE-2025-59983CVE-2025-59984CVE-2025-59985CVE-2025-59986CVE-2025-59987CVE-2025-59988CVE-2025-59989CVE-2025-59990CVE-2025-59991CVE-2025-59992CVE-2025-59993CVE-2025-59994CVE-2025-59995CVE-2025-59996CVE-2025-59997CVE-2025-59998CVE-2025-59999CVE-2025-60000CVE-2025-60001CVE-2025-60002CVE-2025-60009
Browse GCVE Records
73,040 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.