Lucene search

K
nvd[email protected]NVD:CVE-2023-5598
HistoryNov 21, 2023 - 10:15 a.m.

CVE-2023-5598

2023-11-2110:15:07
CWE-79
web.nvd.nist.gov
5
3dswym
stored cross-site scripting
xss
3dexperience
r2022x
r2023x
arbitrary script code
vulnerabilities

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

22.5%

Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code.

Affected configurations

Nvd
Node
dassault3dswymer_3dexperience_2022Matchfp.cfa.2337
OR
dassault3dswymer_3dexperience_2023Matchfp.cfa.2333
VendorProductVersionCPE
dassault3dswymer_3dexperience_2022fp.cfa.2337cpe:2.3:a:dassault:3dswymer_3dexperience_2022:fp.cfa.2337:*:*:*:*:*:*:*
dassault3dswymer_3dexperience_2023fp.cfa.2333cpe:2.3:a:dassault:3dswymer_3dexperience_2023:fp.cfa.2333:*:*:*:*:*:*:*

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

22.5%

Related for NVD:CVE-2023-5598