XSS in Watchguard Fireware Os

CVE-2025-4805

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS. This vulnerability requires an authenticated administrator session to a locally managed…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.004 (27.8th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References