Security Advisory

CVE-2025-6946

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-04 21:48:50

Last updated 2025-12-05 15:43:06

Assigner WatchGuard

State PUBLISHED

Description

Improper Neutralization of Input During Web Page Generation (XSS or Cross-site Scripting) vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox: from 12.0 through 12.11.2.

← Browse all CVEs View on cve.org ↗