CVE-2014-3821

Juniper Junos - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in SRX Web Authentication (webauth) in Juniper Junos 11.4 before 11.4R11, 12.1X44 before 12.1X44-D34, 12.1X45 before 12.1X45-D25, 12.1X46 before 12.1X46-D20, and 12.1X47 before 12.1X47-D10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (3)

[Vendor Advisory] https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10640

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/68548

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1030563

Scores

EPSS 0.0026

EPSS Percentile 48.9%

Details

CWE

CWE-79

Status published

Products (6)

juniper/junos

n/a/n/a

Published Jul 11, 2014

Tracked Since Feb 18, 2026