213 matches found
CVE-2025-4990
A stored Cross-site Scripting XSS vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4991
A stored Cross-site Scripting XSS vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4989
A stored Cross-site Scripting XSS vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-0602
The CVE-2025-0602 entry describes a stored Cross-site Scripting (XSS) vulnerability in the Compare feature of Dassault Systèmes’ Collaborative Industry Innovator (3DEXPERIENCE) from releases R2023x through R2025x. The flaw allows an attacker to inject and execute arbitrary script code in a user’s...
CVE-2025-0602 Stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-0602 Stored Cross-site Scripting (XSS) vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Compare in Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4983 Stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4983 Stored Cross-site Scripting (XSS) vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting City Referential in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4983
CVE-2025-4983 is a stored Cross-site Scripting (XSS) vulnerability affecting City Referential Manager on Release 3DEXPERIENCE R2025x. The issue concerns the City Referential component, with the underlying impact being arbitrary script execution in a user’s browser session. The provided metrics in...
CVE-2025-4984 Stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4984 Stored Cross-site Scripting (XSS) vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting City Discover in City Referential Manager on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4984
CVE-2025-4984 describes a stored XSS vulnerability in City Discover within City Referential Manager on Release 3DEXPERIENCE R2025x. The issue affects City Discover/City Referential Manager components and could allow an attacker to execute arbitrary script code in a user’s browser session. The lin...
CVE-2025-4985
CVE-2025-4985 affects Dassault Systèmes Project Portfolio Manager (Risk Management) across 3DEXPERIENCE R2022x–R2025x, with a stored XSS vulnerability that allows script execution in a user’s browser. The root cause is stored XSS within Risk Management, enabling arbitrary script execution per the...
CVE-2025-4985 Stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4986 Stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4986 Stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4986
CVE-2025-4986 is a stored XSS vulnerability in Dassault Systèmes’ 3DEXPERIENCE Product Manager, specifically the Model Definition feature, affecting releases from R2022x to R2025x. The captured details indicate that an attacker can execute arbitrary script in a user’s browser session via this sto...
CVE-2025-4988 Stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in Multidisciplinary Optimization Engineer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x
A stored Cross-site Scripting XSS vulnerability affecting Results Analytics in Multidisciplinary Optimization Engineer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...
CVE-2025-4989
CVE-2025-4989 is a stored XSS vulnerability affecting Dassault Systèmes Product Manager (Requirements in 3DEXPERIENCE R2022x–R2025x). The available connected sources confirm a stored XSS flaw in Product Manager’s Requirements that could cause arbitrary script execution in a user’s browser session...
CVE-2025-4989 Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x
A stored Cross-site Scripting XSS vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...