XSS in Watchguard Fireware Os

CVE-2025-1239

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability requires an authenticated administrator se…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (32.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References