Unrated severityNVD Advisory· Published Mar 16, 2014· Updated May 6, 2026
CVE-2014-0338
CVE-2014-0338
Description
Multiple cross-site scripting (XSS) vulnerabilities in the firewall policy management pages in WatchGuard Fireware XTM before 11.8.3 allow remote attackers to inject arbitrary web script or HTML via the pol_name parameter.
Affected products
11cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:o:watchguard:fireware:*:*:*:*:*:*:*:*range: <=11.8.1
- cpe:2.3:o:watchguard:fireware:11.6:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.6.1:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.6.3:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.6.5:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.6.6:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.7:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.7.2:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.7.3:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.7.4:*:*:*:*:*:*:*
- cpe:2.3:o:watchguard:fireware:11.8:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- seclists.org/fulldisclosure/2014/Mar/154nvdExploit
- www.securityfocus.com/bid/66210nvdExploit
- watchguardsecuritycenter.com/2014/03/13/fireware-xtm-11-8-3-update-corrects-xss-flaw/nvdVendor Advisory
- www.kb.cert.org/vuls/id/807134nvdUS Government Resource
- www.securitytracker.com/id/1029924nvd
News mentions
0No linked articles in our index yet.