{"vulnerability": "CVE-2025-21603", "sightings": [{"uuid": "e8c166ad-5a2a-4b68-a618-207c89dd4228", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lfgguvpga222", "content": "", "creation_timestamp": "2025-01-11T00:22:49.984625Z"}, {"uuid": "ab93ec61-51b4-4945-afbe-18c82b7b6256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113790686183065901", "content": "", "creation_timestamp": "2025-01-08T03:47:58.242078Z"}, {"uuid": "bd915c96-f256-4200-a895-b3604a753281", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7cjumvyu2i", "content": "", "creation_timestamp": "2025-01-08T04:16:20.855978Z"}, {"uuid": "6b60f68d-07f7-4d5c-b715-d51ad987e66c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf7h4ofmfu2i", "content": "", "creation_timestamp": "2025-01-08T05:38:30.387260Z"}, {"uuid": "990ebc76-3699-4af2-b5b7-33b25521c88c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/614", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-21603\n\ud83d\udd39 Description: Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL.\n\ud83d\udccf Published: 2025-01-08T03:30:50.390Z\n\ud83d\udccf Modified: 2025-01-08T03:30:50.390Z\n\ud83d\udd17 References:\n1. https://www.planex.co.jp/support/download/mzk-dp300n/\n2. https://jvn.jp/en/jp/JVN57428125/", "creation_timestamp": "2025-01-08T03:37:57.000000Z"}, {"uuid": "0242a41c-f9db-4a07-a084-c1f09372e14f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-21603", "type": "seen", "source": "https://t.me/cvedetector/14640", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-21603 - MZK-DP300N Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-21603 \nPublished : Jan. 8, 2025, 4:15 a.m. | 29\u00a0minutes ago \nDescription : Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in user's web browser when accessing a crafted URL. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T05:46:44.000000Z"}]}