CVE-2025-4804 WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in Hotpot Configuration

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in WatchGuard Fireware OS allows Stored XSS via the spamBlocker module. This vulnerability requires an authenticated administrator session to a locally managed Firebox. This issue affects...

Node.js third-party modules: [dy-server2] - stored Cross-Site Scripting

I would like to report Stored XSS in dy-server2 It allows to steal session cookies, deface web , execute anything code javascript Module module name: dy-server2 version: dy-server2 npm page: https://www.npmjs.com/package/dy-server2 Module Description 这是一款轻量级http服务器，可用于文件传输，前端项目预览。 Module Stats...