A persistent cross-site scripting (XSS) vulnerability in the Email Collectors menu of Juniper ATP may allow authenticated user to inject arbitrary script and steal sensitive data and credentials from a web administration session, possibly tricking a follow-on administrative user to perform administrative actions on the device. This issue affects Juniper ATP 5.0 versions prior to 5.0.3.
CPE | Name | Operator | Version |
---|---|---|---|
advanced_threat_prevention | ge | 5.0.0 | |
advanced_threat_prevention | lt | 5.0.3 |