Cross-Site Scripting Vulnerability in Juniper Networks Junos Space
CVE-2025-59988
5.1MEDIUM
Key Information:
- Vendor
Juniper Networks
- Status
- Vendor
- CVE Published:
- 9 October 2025
Badges
👾 Exploit Exists
What is CVE-2025-59988?
An improper neutralization of input during web page generation in Juniper Networks' Junos Space product permits the injection of malicious script tags into the Generate Report page. When accessed by another user, these scripts can execute commands with the permissions of the target user, including administrative privileges. This vulnerability affects all versions of Junos Space prior to 24.1R4, presenting significant security risks for users who may inadvertently execute the injected scripts.
Affected Version(s)
Junos Space 0 < 24.1R4