CVE-2025-4804 – WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

May 16, 2025

CVE ID : CVE-2025-4804

Published : May 16, 2025, 9:15 p.m. | 3 hours, 29 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox.
This issue affects Fireware OS: from 12.0 through 12.11.1.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4805 – WatchGuard Fireware OS Stored XSS Vulnerability

Next Article CVE-2025-48188 – GNU PSPP libpspp-core.a Heap-Based Buffer Over-Read

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

Minecraft licensing robbed us of this controversial NFL schedule release video

The power of generators

The power of generators

Simplify Factory Associations with Laravel’s UseFactory Attribute

This Week in Laravel: React Native, PhpStorm Junie, and more

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Microsoft has closed its “Experience Center” store in Sydney, Australia — as it ramps up a continued digital growth campaign

Bing Search APIs to be “decommissioned completely” as Microsoft urges developers to use its Azure agentic AI alternative

Microsoft might kill the Surface Laptop Studio as production is quietly halted

CVE-2025-4804 – WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

CVE-2022-4363 – Wholesale Market WooCommerce CSRF Vulnerability

CVE-2025-4810 – Tenda AC7 Stack-Based Buffer Overflow Vulnerability

AI craze mania with AI action figures and turning pets into people

BISCUIT: Scaffolding LLM-Generated Code with Ephemeral UIs in Computational Notebooks

CVE-2025-0856 – WordPress PGS Core Plugin Unauthenticated Remote Data Manipulation

Sam Altman wants OpenAI to be the Microsoft of AI, with a subscription-based operating system built on ChatGPT

Google Detects 4th Chrome Zero-Day in May Actively Under Attack – Update ASAP

CVE-2025-43553 – Substance3D Modeler Uncontrolled Search Path Element Vulnerability

Error’d: Secret Horror

Lingma SWE-GPT: Pioneering AI-Assisted Solutions for Software Development Challenges with Innovative Open-Source Models

CVE-2025-4804 – WatchGuard Fireware OS Stored Cross-site Scripting Vulnerability

Related Posts