A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11.8.3 via the poll_name parameter in the firewall/policy script.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6413
Reference (s):
- http://seclists.org/fulldisclosure/2014/Sep/70
- http://www.securityfocus.com/bid/69958
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96069
- https://packetstormsecurity.com/files/128310