{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-07-31T21:00:00.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20130722 Juniper Secure Access XSS Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2012-5460", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20130722 Juniper Secure Access XSS Vulnerability", "refsource": "BUGTRAQ", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html"}, {"name": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view", "refsource": "MISC", "url": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:05:47.257Z"}, "title": "CVE Program Container", "references": [{"name": "20130722 Juniper Secure Access XSS Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2012-5460", "datePublished": "2013-07-31T21:00:00.000Z", "dateReserved": "2012-10-24T00:00:00.000Z", "dateUpdated": "2024-09-16T22:36:07.051Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:juniper:ive_os:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D4313025-3FC4-42DB-B18E-57EC5C566B74", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:ive_os:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "754A5F1C-E181-4D36-86A7-5124C22EBF40", "vulnerable": true}, {"criteria": "cpe:2.3:o:juniper:ive_os:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "8ECD0F7E-715A-4C52-ACF1-EE7A7042B991", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:juniper:secure_access_virtual_appliance:-:*:*:*:*:*:*:*", "matchCriteriaId": "49C013C9-3F10-4B6A-A1C6-7171DB9BE6DD", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "80CC7A54-95DD-4C60-8A99-21F800616784", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_4500:-:*:*:*:*:*:*:*", "matchCriteriaId": "B68C4310-771E-4E8F-9C62-6EBE233FCB92", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "55331F37-6F9B-48A8-BBB3-BE9EBF4C2B3D", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:fips_secure_access_6500:-:*:*:*:*:*:*:*", "matchCriteriaId": "528028F3-3F3F-4354-A1D7-2EF66BA27CEC", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:mag2600_gateway:-:*:*:*:*:*:*:*", "matchCriteriaId": "1EE557B9-DF6D-4C20-98BE-E934D187CCFC", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:mag4610_gateway:-:*:*:*:*:*:*:*", "matchCriteriaId": "DB174F88-B643-4338-BCD6-A9CD0EDB54A6", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:mag6610_gateway:-:*:*:*:*:*:*:*", "matchCriteriaId": "115C8834-8BD1-4561-8B98-AE29E3B9C1C9", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:mag6611_gateway:-:*:*:*:*:*:*:*", "matchCriteriaId": "54C5F933-61BB-40EA-9ADC-C22CFE8F9D1B", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "DF6B885A-5C17-4928-A1B9-4A729F277F4B", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_2500:-:*:*:*:*:*:*:*", "matchCriteriaId": "82E5E8BD-68B9-4C94-A1F0-3F5C3EC7620A", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_4000:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D6A2465-451A-436A-89C1-94424A0C4AB8", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_4500:-:*:*:*:*:*:*:*", "matchCriteriaId": "641091CF-F671-4AD7-B10F-E50497AC462B", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "501D212B-D846-4D43-B6D8-F01C2483AB64", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_6500:-:*:*:*:*:*:*:*", "matchCriteriaId": "075FD895-451D-4959-9A73-94F5BB1853E6", "vulnerable": true}, {"criteria": "cpe:2.3:h:juniper:secure_access_700:-:*:*:*:*:*:*:*", "matchCriteriaId": "42FB27DD-D685-4D5E-8DAF-7A34DE33AB59", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the help page in Juniper Secure Access (SA) with IVE OS before 7.1r13, 7.2.x before 7.2r7, and 7.3.x before 7.3r2 allows remote attackers to inject arbitrary web script or HTML via the WWHSearchWordsText parameter."}, {"lang": "es", "value": "Vulnerabilidad XSS en la p\u00e1gina de ayuda en Juniper Secure Access (SA) con IVE OS anterior a 7.1r13, 7.2.x anterior a 7.2r7, y 7.3.x anterior a 7.3r2, permite a atacantes remotos inyectar secuencias de comandos web y HTML arbitrarias a trav\u00e9s del par\u00e1metro WWHSearchWordsText."}], "id": "CVE-2012-5460", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2013-08-01T13:32:35.103", "references": [{"source": "cve@mitre.org", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/bugtraq/2013-07/0148.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2013-03-874&viewMode=view"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}