@lethalcyanide
lethalcyanide / gist:0c1044ee9261f9ffc67a02f2eb80ba4c
Created March 18, 2025 11:17
CVE-2024-55094 - Reflected XSS in Zebra ZTC ZQ620-203dpi CPCL Printer
### **Vulnerability Details**
A reflected Cross-Site Scripting (XSS) vulnerability exists in the **Zebra ZTC ZQ620-203dpi CPCL printer (Firmware V85.20.25Z)**. This vulnerability allows an attacker within the same network as the printer to execute malicious JavaScript code by injecting a crafted script into the `ddata` and `sgd` parameter values. The exploit is triggered via the URL associated with the **"Delete" action button** in the **Alert Messaging System** function.
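
A detection sketch for the issue described above, added here as an example and not part of the original advisory: it scans web access logs for requests whose `ddata` or `sgd` values decode to HTML or script markup. It assumes logs in common log format from a proxy or capture point in front of the printer; the path `/placeholder-path` and all log lines are constructed, since the advisory text above does not give the URL.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Parameters the advisory names as reflection points.
WATCHED_PARAMS = {"ddata", "sgd"}
# Markup needed to break out of an HTML/JS context; not expected in plain values.
MARKUP = re.compile(r"[<>\"'`]|javascript:|\bon\w+\s*=", re.IGNORECASE)
# Client IP and request target from a common-log-format line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=3):
    """Undo nested percent-encoding, e.g. %253C -> %3C -> <."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(url):
    """Return sorted names of watched parameters whose decoded value holds markup."""
    hits = set()
    for name, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if name.lower() in WATCHED_PARAMS and MARKUP.search(fully_decode(value)):
            hits.add(name.lower())
    return sorted(hits)

def scan_log(lines):
    """Return (client_ip, [parameter names]) for each log line that is flagged."""
    results = []
    for line in lines:
        match = REQUEST.match(line)
        if match:
            hits = suspicious_params(match.group(2))
            if hits:
                results.append((match.group(1), hits))
    return results

# Constructed sample log lines (placeholder path, made-up clients and values).
SAMPLE_LOG = [
    '192.168.0.23 - - [18/Mar/2025:11:02:10 +0000] "GET /placeholder-path?sgd=sample_value&ddata=PAPER_OUT HTTP/1.1" 200 512',
    '192.168.0.42 - - [18/Mar/2025:11:03:55 +0000] "GET /placeholder-path?sgd=x&ddata=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640',
    '192.168.0.42 - - [18/Mar/2025:11:04:31 +0000] "GET /placeholder-path?sgd=%2522%253E%253Cimg%2520src%253Dx%253E&ddata=y HTTP/1.1" 200 640',
]

if __name__ == "__main__":
    for client, params in scan_log(SAMPLE_LOG):
        print(f"{client}: markup in {', '.join(params)}")
```

The character class is deliberately strict, so a legitimate value containing a quote character will also be flagged and needs triage.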
---
### **Proof of Concept (PoC)**
To reproduce the vulnerability, follow these steps:
1. **Connect to the printer's network** and identify its IP address (e.g., `192.168.0.107`).