1. Home
  2. CVE Database
  3. CVE-2025-1239
NONE · 0

CVE-2025-1239

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability req...

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability requires an authenticated administrator session to a locally managed Firebox.This issue affects Fireware OS: from 12.0 through 12.5.12+701324, from 12.6 through 12.11.

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2025-1239?

CVE-2025-1239 is a documented vulnerability. Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS allows Stored XSS via the Blocked Sites list. This vulnerability req...

How severe is CVE-2025-1239?

CVSS scoring is not yet available for CVE-2025-1239. Check NVD for updates.

Is there a patch for CVE-2025-1239?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.