CVE-2025-10551 Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x

A Stored Cross-site Scripting XSS vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

PT-2026-29205

A Stored Cross-site Scripting XSS vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

EUVD-2025-198889

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

CVE-2025-10555 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

CVE-2025-10555 Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x

A stored Cross-site Scripting XSS vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

CVE-2025-10552

A stored Cross-site Scripting XSS vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session...

CVE-2025-10557

The CVE-2025-10557 entry concerns a stored Cross-site Scripting (XSS) vulnerability in ENOVIA Collaborative Industry Innovator’s Issue Management. Concrete details from connected sources show affected software as ENOVIA Collaborative Industry Innovator (3DEXPERIENCE) with vulnerable versions span...

CVE-2025-9976

The CVE-2025-9976 entry relates to an OS Command Injection in the Station Launcher App of the Dassault Systèmes 3DEXPERIENCE platform, affecting releases R2022x through R2025x. Attackers could execute arbitrary code on a user’s machine, with console context requiring user interaction and network ...

CVE-2025-9976 OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x

An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x could allow an attacker to execute arbitrary code on the user's machine...

PT-2025-41768

Name of the Vulnerable Software and Affected Versions 3DSearch on 3DSwymer versions prior to 3DEXPERIENCE R2025x Description A stored Cross-site Scripting XSS issue exists in 3DSearch within 3DSwymer. This allows an attacker to execute arbitrary script code within a user’s browser session...

Dassault Systèmes City Referential Manager 跨站脚本漏洞

Dassault Systèmes City Referential Manager is a City Referential Manager from Dassault Systèmes France. A cross-site scripting vulnerability exists in Dassault Systèmes City Referential Manager 3DEXPERIENCE version R2025x, which originates from stored cross-site scripting and could lead to...

CVE-2024-12090

A stored Cross-site Scripting XSS vulnerability affecting ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

CVE-2024-6380

A reflected Cross-site Scripting XSS vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session...

Dassault Systèmes 3DEXPERIENCE Security Vulnerability

Dassault Systèmes 3DEXPERIENCE is a business and innovation platform from Dassault Systèmes, France. A security vulnerability exists in 3DEXPERIENCE, SIMULIA Abaqus, SIMULIA Isight, and CATIA Composer, which stems from the presence of an operating system command injection vulnerability, where a...

Dassault Systèmes 3DEXPERIENCE Cross-Site Scripting Vulnerability

Dassault Systèmes 3DEXPERIENCE is a business and innovation platform from Dassault Systèmes France. A cross-site scripting vulnerability exists in Dassault Systèmes 3DEXPERIENCE version R2022x through 3DEXPERIENCE version R2023x, which stems from the presence of a Stored Cross-Site Scripting XSS...

CVE-2023-1997

An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution...

CVE-2023-1996

A reflected Cross-site Scripting XSS vulnerability in Release 3DEXPERIENCE R2018x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code...