cvedb.io
CVE-2018-0059
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2018-10-10T18:29:03.250 · Last modified 2026-06-17T01:29:30.790

Summary

A persistent cross-site scripting vulnerability in the graphical user interface of ScreenOS may allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. Affected releases are Juniper Networks ScreenOS 6.3.0 versions prior to 6.3.0r26.

Affected products

juniper — netscreen_screenos

Does this affect you?

Add your gear to cvedb and we'll alert you only when juniper ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.