Junos J-Web XSS Vulnerability

Summary
Cross-Site Scripting Vulnerability in J-Web.
Impact
Remote attackers can inject arbitrary web script or HTML to index.php.
Solution
New builds of Junos OS software are available from Juniper. As a workaround disable J-Web..
Insight
J-Web is vulnerable to a cross-site scripting injection. Parameters passed as arguments to index.php can result in the execution of scripting tags within the user's browser.
Affected
Junos OS 10.0, 10.4, 11.4, 12.1 and 12.2.
Detection
Check the OS build.
References