CVE-2025-63229

None

Description

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScript payload into the ?m= query parameter, an attacker can execute arbitrary code in the victim's browser, potentially stealing sensitive information, hijacking sessions, or performing unauthorized actions.

INFO

Published Date :

2025-11-18T00:00:00.000Z

Last Modified :

2025-11-19T14:09:03.395Z

Source :

mitre

AFFECTED PRODUCTS

The following products are affected by CVE-2025-63229 vulnerability.

Vendors	Products
Dbbroadcast	Mozart Dds Next 100 Mozart Dds Next 1000 Mozart Dds Next 1000 Firmware Mozart Dds Next 100 Firmware Mozart Dds Next 2000 Mozart Dds Next 2000 Firmware Mozart Dds Next 30 Mozart Dds Next 300 Mozart Dds Next 3000 Mozart Dds Next 3000 Firmware Mozart Dds Next 300 Firmware Mozart Dds Next 30 Firmware Mozart Dds Next 3500 Mozart Dds Next 3500 Firmware Mozart Dds Next 50 Mozart Dds Next 500 Mozart Dds Next 500 Firmware Mozart Dds Next 50 Firmware Mozart Dds Next 6000 Mozart Dds Next 6000 Firmware Mozart Dds Next 7000 Mozart Dds Next 7000 Firmware Mozart Fm Transmitter Mozart Next 100 Mozart Next 1000 Mozart Next 1000 Firmware Mozart Next 100 Firmware Mozart Next 2000 Mozart Next 2000 Firmware Mozart Next 30 Mozart Next 300 Mozart Next 3000 Mozart Next 3000 Firmware Mozart Next 300 Firmware Mozart Next 30 Firmware Mozart Next 3500 Mozart Next 3500 Firmware Mozart Next 50 Mozart Next 500 Mozart Next 500 Firmware Mozart Next 50 Firmware Mozart Next 6000 Mozart Next 6000 Firmware Mozart Next 7000 Mozart Next 7000 Firmware

Vendors

Products

Dbbroadcast