Security Advisory

CVE-2025-1071

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-14 13:20:48

Last updated 2025-02-14 14:05:47

Assigner WatchGuard

State PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (XSS or Cross-site Scripting) vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through 12.11.

← Browse all CVEs View on cve.org ↗