exploitDog

GHSA-rg89-p3mq-2mpq

Опубликовано: 05 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 4.8

CVSS3: 4.8

Описание

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally managed Firebox.

This issue affects Firebox: from 12.0 through 12.11.2.

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally managed Firebox.

This issue affects Firebox: from 12.0 through 12.11.2.

Ссылки

EPSS

Процентиль: 8%

0.00028

Низкий

4.8 Medium

CVSS4

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-6946

CVSS3: 4.8

nvd

2 месяца назад

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the IPS module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects Firebox: from 12.0 through 12.11.2.

EPSS

Процентиль: 8%

0.00028

Низкий

4.8 Medium

CVSS4

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79