Juniper ATP: Persistent Cross-Site Scripting vulnerability in RADIUS configuration menu
CVE-2019-0025
5.4MEDIUM
Key Information:
- Vendor
Juniper Networks
- Status
- Vendor
- CVE Published:
- 15 January 2019
Badges
👾 Exploit Exists
What is CVE-2019-0025?
A persistent cross-site scripting (XSS) vulnerability in RADIUS configuration menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
Affected Version(s)
Juniper ATP 5 < 5.0.3