This script is Copyright (C) 2017 Tenable Network Security, Inc.
The remote host is affected by multiple cross-site scripting
The version of Juniper ScreenOS running on the remote host is 6.3.x
prior to 6.3.0r24. It is, therefore, affected by multiple cross-site
scripting (XSS) vulnerabilities in the web user interface due to
improper validation of user-supplied input before returning it to
users. An authenticated, remote attacker who has a 'security' role can
session of other users, including the administrator.
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
See also :
Upgrade to Juniper ScreenOS version 6.3.0r24 or later. Alternatively,
apply the workaround referenced in the vendor's advisory.
Risk factor :
Low / CVSS Base Score : 3.5
CVSS Temporal Score : 2.9
Public Exploit Available : true