CVE-2025-63229

{"id": "CVE-2025-63229", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}]}, "published": "2025-11-18T22:15:51.880", "references": [{"url": "https://github.com/shiky8/my--cve-vulnerability-research/tree/main/CVE-2025-63229_Mozart_FM_Transmitter_xss", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.dbbroadcast.com/", "tags": ["Product"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScript payload into the ?m= query parameter, an attacker can execute arbitrary code in the victim's browser, potentially stealing sensitive information, hijacking sessions, or performing unauthorized actions."}], "lastModified": "2025-12-06T00:18:19.227", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_100_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A2B25533-2EF5-4158-9505-1CD18463DB68"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7834E460-78EE-456A-84F7-0DECE004BD80"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_1000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A3497F7E-0433-444B-A58A-A795C8833966"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FDEB3E77-E3D8-4878-BBE3-74530F3469B4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_2000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A975C91C-59BD-44AC-9F67-0682CE173738"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F30F6688-FCDA-4BA5-ABD9-0EB91CDF7631"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_30_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F7B57D15-6192-4D68-9CC5-726E052E7DDD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EA1C3BA1-3E25-474B-B2A4-97136D6287BA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_300_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0130D6C-CE17-4046-B0EB-0AD2DA7DC6AC"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A04E5386-2B8E-4E5E-9766-CEA4887265D4"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_3000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9F5D088-18AE-4388-83D7-66EBF03B3091"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E5427DF7-CBAB-4BB9-9175-B7EC7012EAD0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_3500_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "285B4AB4-1F69-445E-B2D3-A0C140B55990"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_3500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "90E84970-55F7-41CB-814E-085BACFAAA91"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_50_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CD961FB-E86A-4346-9B8D-3658C7BD818F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_50:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "56699CC2-C823-4397-8C76-BC165E48D6E0"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_500_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93081491-7BD5-4AD8-B9A9-4017BD531955"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F2D2A2EE-4D89-40F7-82CF-15B01BCCA5D7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_6000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "47A934D3-C948-4618-8B1F-5C69FBE404D6"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_6000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4A4CEBFA-FFFA-48C0-AF1A-2FF83B9881B6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_next_7000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96CBA55F-3917-4E2D-80DF-3F13B1089E1B"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_next_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "D56DC454-9330-48A3-9297-1DF0609774EB"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_30_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "51C964CD-4DFC-490B-87BE-5BF6A8C31818"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E1A32EF5-D307-4012-A0F5-F12CA14256B8"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_50_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DA06D91-2A84-4980-B025-E2AB6B7A4A2E"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_50:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "E965758E-A526-47B0-81DB-F1A253F1DA09"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_100_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "406B147C-3918-4DBA-B26A-68A3FB569D80"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_100:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "1CBCB7BF-0053-4D3C-823F-C7D1465AF024"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_300_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "04FB53B4-6B83-42FA-9959-03652DD7A26F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_300:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8DE66740-2E9E-40B1-AA15-EAB1A5574C9E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_500_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A4C733E9-67C2-415D-BBAE-85DD5E5B775A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F40B30CD-8FF7-403D-A882-AECF0331255B"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_1000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8F7AA00D-A38B-409D-8258-C0222499287F"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_1000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "5F6949E5-3C57-4298-8E06-F1A034321755"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_2000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD39D574-E20A-4592-A65E-12B3F8707F47"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_2000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8557A5A5-871A-48FC-BA63-C0BB1D649C86"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_3000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "312829A7-688F-4949-A373-9E55FEE7DBAD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_3000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "FAD7B722-A221-47CA-8E2E-4BD27E57DDE5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_3500_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64F7857F-A7D7-4A54-BF1B-47CE856EDFDD"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_3500:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3A9ADD17-C038-48A6-9E77-7EE16288261C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_6000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "356E12B5-32FF-4114-9DD4-1972D2FAB281"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_6000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7315EAF4-23FD-4410-A477-3AA1F822C268"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:dbbroadcast:mozart_dds_next_7000_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "91C3B94F-F8A6-49F6-86E9-2FFFB8CF2E8A"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:dbbroadcast:mozart_dds_next_7000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F451E5A5-3429-4AEC-A968-A25C2C232C5A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}