2 matches found
CVE-2017-14615
CVE-2017-14615 affects WatchGuard Fireware pre-12.0. An XML-RPC login endpoint issue allows JavaScript embedded in the user element to be rendered in the Web UI (Traffic Monitor: Events/All), causing a stored-XSS effect where subsequent events are hidden until a restart. Affected product: WatchGu...
CVE-2017-14615
An FBX-5313 issue was discovered in WatchGuard Fireware before 12.0. When a failed login attempt is made to the login endpoint of the XML-RPC interface, if JavaScript code, properly encoded to be consumed by XML parsers, is embedded as value of the user element, the code will be rendered in the...