漏洞标题
ScreenOS:ScreenOS防火墙的XSS漏洞
漏洞描述信息
ScreenOS:ScreenOS防火墙中的XSS漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
ScreenOS: XSS vulnerability in ScreenOS Firewall
漏洞描述信息
A persistent cross site scripting vulnerability in NetScreen WebUI of Juniper Networks Juniper NetScreen Firewall+VPN running ScreenOS allows a user with the 'security' role to inject HTML/JavaScript content into the management session of other users including the administrator. This enables the lower-privileged user to effectively execute commands with the permissions of an administrator. This issue affects Juniper Networks ScreenOS 6.3.0 releases prior to 6.3.0r24 on SSG Series. No other Juniper Networks products or platforms are affected by this issue.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Juniper SSG Series设备ScreenOS 跨站脚本漏洞
漏洞描述信息
Juniper SSG Series是美国瞻博网络(Juniper Networks)公司的一系列防火墙设备。ScreenOS是其中的一套操作系统。 Juniper SSG Series设备上的ScreenOS 6.3.0版本中Firewall+VPN存在跨站脚本漏洞。远程攻击者可利用该漏洞向其他用户(包括管理员)的管理会话中注入HTML/JavaScript内容,以管理员权限执行命令。
CVSS信息
N/A
漏洞类别
跨站脚本