1. Home
  2. CVE Database
  3. CVE-2025-63229
MEDIUM · 5.4

CVE-2025-63229

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScr...

Vulnerability Description

The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScript payload into the ?m= query parameter, an attacker can execute arbitrary code in the victim's browser, potentially stealing sensitive information, hijacking sessions, or performing unauthorized actions.

CVSS Score

5.4

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality
LOW
Integrity
LOW
Availability
NONE

Affected Products

VendorProductVersions
DbbroadcastMozart Next 100 Firmware-
DbbroadcastMozart Next 100-
DbbroadcastMozart Next 1000 Firmware-
DbbroadcastMozart Next 1000-
DbbroadcastMozart Next 2000 Firmware-
DbbroadcastMozart Next 2000-
DbbroadcastMozart Next 30 Firmware-
DbbroadcastMozart Next 30-
DbbroadcastMozart Next 300 Firmware-
DbbroadcastMozart Next 300-
DbbroadcastMozart Next 3000 Firmware-
DbbroadcastMozart Next 3000-
DbbroadcastMozart Next 3500 Firmware-
DbbroadcastMozart Next 3500-
DbbroadcastMozart Next 50 Firmware-
DbbroadcastMozart Next 50-
DbbroadcastMozart Next 500 Firmware-
DbbroadcastMozart Next 500-
DbbroadcastMozart Next 6000 Firmware-
DbbroadcastMozart Next 6000-

Related Weaknesses (CWE)

CWE-79

References

FAQ

What is CVE-2025-63229?

CVE-2025-63229 is a vulnerability with a CVSS score of 5.4 (MEDIUM). The Mozart FM Transmitter web management interface on version WEBMOZZI-00287, contains a reflected Cross-Site Scripting (XSS) vulnerability in the /main0.php endpoint. By injecting a malicious JavaScr...

How severe is CVE-2025-63229?

CVE-2025-63229 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-63229?

Check the references section above for vendor advisories and patch information. Affected products include: Dbbroadcast Mozart Next 100 Firmware, Dbbroadcast Mozart Next 100, Dbbroadcast Mozart Next 1000 Firmware, Dbbroadcast Mozart Next 1000, Dbbroadcast Mozart Next 2000 Firmware.