2025-01-08 03:30:50
jpcert
PUBLISHED
Cross-site scripting vulnerability exists in MZK-DP300N firmware versions 1.05 and earlier. If an attacker logs in to the affected product and manipulates the device settings, an arbitrary script may be executed on the logged-in users web browser when accessing a crafted URL.