34 matches found
CVE-2025-10556
A stored Cross-site Scripting XSS vulnerability affecting Specification Management in ENOVIA Specification Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
EUVD-2025-16503
Malicious code in bioql PyPI...
EUVD-2024-47486
Malicious code in bioql PyPI...
EUVD-2024-47484
Malicious code in bioql PyPI...
EUVD-2025-6577
Malicious code in bioql PyPI...
EUVD-2025-6579
Malicious code in bioql PyPI...
EUVD-2025-6574
Malicious code in bioql PyPI...
EUVD-2024-47487
Malicious code in bioql PyPI...
CVE-2025-0602
The CVE-2025-0602 entry describes a stored Cross-site Scripting (XSS) vulnerability in the Compare feature of Dassault Systèmes’ Collaborative Industry Innovator (3DEXPERIENCE) from releases R2023x through R2025x. The flaw allows an attacker to inject and execute arbitrary script code in a user’s...
CVE-2025-4985 Stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4985
CVE-2025-4985 affects Dassault Systèmes Project Portfolio Manager (Risk Management) across 3DEXPERIENCE R2022x–R2025x, with a stored XSS vulnerability that allows script execution in a user’s browser. The root cause is stored XSS within Risk Management, enabling arbitrary script execution per the...
CVE-2025-4986
CVE-2025-4986 is a stored XSS vulnerability in Dassault Systèmes’ 3DEXPERIENCE Product Manager, specifically the Model Definition feature, affecting releases from R2022x to R2025x. The captured details indicate that an attacker can execute arbitrary script in a user’s browser session via this sto...
CVE-2025-4986 Stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4989 Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4989 Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4989
CVE-2025-4989 is a stored XSS vulnerability affecting Dassault Systèmes Product Manager (Requirements in 3DEXPERIENCE R2022x–R2025x). The available connected sources confirm a stored XSS flaw in Product Manager’s Requirements that could cause arbitrary script execution in a user’s browser session...
CVE-2023-5598
Stored Cross-site Scripting XSS vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code...
CVE-2023-5597
A stored Cross-site Scripting XSS vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code...
CVE-2025-0828
A stored Cross-site Scripting XSS vulnerability affecting Engineering Release in ENOVIA Product Engineering Specialist from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-0827
A stored Cross-site Scripting XSS vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...