XSS in Juniper Ex2300
CVE-2021-0275
A Cross-site Scripting (XSS) vulnerability in J-Web on Juniper Networks Junos OS allows an attacker to target another user's session thereby gaining access to the users session. The other user session must be active for the attack to succe…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.012 (63.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
Weakness classification (CWE)
References
- sirt@juniper.net (x_refsource_MISC, Vendor Advisory)
Frequently asked questions
- What is CVE-2021-0275?
- CVE-2021-0275 is a high-severity vulnerability in Juniper Ex2300, classified under Cross-site Scripting. CVSS score: 8.8/10. Published 2021-04-22.
- How severe is CVE-2021-0275?
- High severity. CVSS v3 base score is 8.8 out of 10.