CVE-2014-2711 Information

Description

Cross-site scripting (XSS) vulnerability in J-Web in Juniper Junos before 11.4R11 11.4X27 before 11.4X27.62 (BBE) 12.1 before 12.1R9 12.1X44 before 12.1X44-D35 12.1X45 before 12.1X45-D25 12.1X46 before 12.1X46-D20 12.2 before 12.2R7 12.3 before 12.3R6 13.1 before 13.1R4 13.2 before 13.2R3 and 13.3 before 13.3R1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Reference

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10619 http://www.securityfocus.com/bid/66770 http://www.securitytracker.com/id/1030061