WatchGuard Firebox Reflected Cross-Site-Scripting (XSS) Vulnerability in Fireware Web UI

A reflected cross-site scripting (XSS) vulnerability in the Fireware OS Web UI enabled execution of malicious JavaScript in the context of an authenticated management user's browser when they click on a specially crafted link. This vulnerability affects Fireware OS 12.7 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

WatchGuard Fireware OS 安全漏洞

WatchGuard Fireware OS是美国WatchGuard公司的一个在 Firebox 上运行的软件。 WatchGuard Fireware OS 12.7至12.11.7版本和2025.1至2026.1.1版本存在安全漏洞，该漏洞源于Fireware OS Web UI存在反射型跨站脚本，可能导致经过身份验证的管理用户在点击特制链接时，在其浏览器环境中执行恶意JavaScript。

N/A

N/A