Security Advisory

CVE-2019-0018

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-01-15 21:00:00

Last updated 2024-09-16 18:39:46

Assigner juniper

State PUBLISHED

Description

A persistent cross-site scripting (XSS) vulnerability in the file upload menu of Juniper ATP may allow an authenticated user to inject arbitrary scripts and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.

← Browse all CVEs View on cve.org ↗