Cross-Site Scripting Vulnerability in J-Web.
Remote attackers can inject arbitrary web script or HTML to index.php.
New builds of Junos OS software are available from Juniper. As a workaround disable J-Web..
J-Web is vulnerable to a cross-site scripting injection. Parameters passed as arguments to index.php can result in the execution of scripting tags within the user's browser.
Junos OS 10.0, 10.4, 11.4, 12.1 and 12.2.
Check the OS build.