CVE-2009-3485
Juniper Junos - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Amir Azam · textremotehardware
https://www.exploit-db.com/exploits/33257
Scores
EPSS
0.0190
EPSS Percentile
83.0%
Classification
CWE
CWE-79
Status
published
Affected Products (3)
juniper/junos
juniper/junos
n/a/n/a
Timeline
Published
Sep 30, 2009
Tracked Since
Feb 18, 2026