CVE-2025-0828

High CVSS: 8.7

A stored Cross-site Scripting (XSS) vulnerability affecting Engineering Release in ENOVIA Product Engineering Specialist from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Vendor

3ds

Product

3dexperience Enovia

CWE

CWE-79

Yayın Tarihi

2025-03-17 14:15:21

Güncelleme

2025-10-22 16:26:21

Source Identifier

3DS.Information-Security@3ds.com

KEV Date Added

Kategoriler

CWE-79 3dexperience Enovia HIGH 3ds 2025

Referanslar

https://www.3ds.com/vulnerability/advisories

Benzer Kayıtlar

High

CVE-2025-10553

A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manag…

High

CVE-2025-10559

A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DE…

High

CVE-2026-1333

A Use of Uninitialized Variable vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Rel…

High

CVE-2026-1334

An Out-Of-Bounds Read vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLID…

High

CVE-2026-1335

An Out-Of-Bounds Write vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLI…

High

CVE-2025-12956

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEX…