Cross-Site Scripting Vulnerability in Junos Space by Juniper Networks
CVE-2025-59993

5.1MEDIUM

Key Information:

Vendor
CVE Published:
9 October 2025

Badges

👾 Exploit Exists

What is CVE-2025-59993?

An improperly handled injection of script tags in the Space Node Setting fields of Junos Space allows an attacker to exploit this vulnerability. When another user visits the affected page, the attacker can execute malicious commands while impersonating the victim’s permissions, including those of an administrator. This issue impacts all versions of Junos Space prior to 24.1R4, highlighting the importance of prompt updates and secure coding practices to mitigate such threats.

Affected Version(s)

Junos Space 0 < 24.1R4

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-59993 : Cross-Site Scripting Vulnerability in Junos Space by Juniper Networks