XSS in Watchguard Fireware Os

CVE-2026-13376

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS spamBlocker module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2…

Vulnerability class: XSS (Cross-Site Scripting)

Affected products

Weakness classification (CWE)

References