XSS in Watchguard Fireware Os
CVE-2025-4804
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator se…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.004 (27.8th percentile) — read the EPSS interpretation.
Affected products
- Watchguard Fireware Os — versions 12.0