Back to CVE List

CVE-2026-13377

Vulnerability Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS SIP Proxy module allows Stored XSS. This vulnerability is an additional unmitigated attack path for CVE-2025-6947.

This issue affects Fireware OS 12.0 up to and including 12.12, 12.5 up to and including 12.5.18, and 2025.1 up to and including 2026.2.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-79
Source
NVD
Vendor
WatchGuard
Product
Fireware OS

External References

Discussion (0)

Add Comment

No comments yet. Be the first!