Unrated severityNVD Advisory· Published Dec 4, 2025· Updated Dec 5, 2025
WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in ConnectWise Technology Integration Configuration
CVE-2025-13937
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WatchGuard Fireware OS (ConnectWise Technology Integration module) allows Stored XSS.This issue affects Fireware OS 12.4 up to and including 12.11.4, 12.5 up to and including 12.5.13, and 2025.1 up to and including 2025.1.2.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<= 12.11.4, <= 12.5.13, <= 2025.1.2+ 1 more
- (no CPE)range: <= 12.11.4, <= 12.5.13, <= 2025.1.2
- (no CPE)range: 12.4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.