Vulnerability Data

CVE-2019-0018

Track security vulnerabilities

A persistent cross-site scripting (XSS) vulnerability in the file upload menu of Juniper ATP may allow an authenticated user to inject arbitrary scripts and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.

Published at
2019-01-15
1097 days ago
Modified
2019-01-15
1097 days ago
2019
Year
The year of the turtle

https://kb.juniper.net/JSA10918

CONFIRM:https://kb.juniper.net/JSA10918

Read More about itMore info

Vulnerability RAW

{
	"Title": {
		"_text": "CVE-2019-0018"
	},
	"Notes": {
		"Note": [
			{
				"_text": "A persistent cross-site scripting (XSS) vulnerability in the file upload menu of Juniper ATP may allow an authenticated user to inject arbitrary scripts and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3."
			},
			{
				"_text": "2019-01-15"
			},
			{
				"_text": "2019-01-15"
			}
		]
	},
	"CVE": {
		"_text": "CVE-2019-0018"
	},
	"References": {
		"Reference": {
			"URL": {
				"_text": "https://kb.juniper.net/JSA10918"
			},
			"Description": {
				"_text": "CONFIRM:https://kb.juniper.net/JSA10918"
			}
		}
	}
}