Description
Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter.
References (2)
Core 2
Core References
Third Party Advisory mailing-list
x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html
Vendor Advisory x_refsource_misc
http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view
Scores
EPSS
0.0026
EPSS Percentile
49.6%
Details
CWE
CWE-79
Status
published
Products (19)
juniper/fips_secure_access_4000
juniper/fips_secure_access_4500
juniper/fips_secure_access_6000
juniper/fips_secure_access_6500
juniper/ive_os
7.1
juniper/ive_os
7.2
juniper/ive_os
7.3
juniper/mag2600_gateway
juniper/mag4610_gateway
juniper/mag6610_gateway
... and 9 more
Published
Aug 01, 2013
Tracked Since
Feb 18, 2026