Lucene search
K
3ds3dexperience

11 matches found

CVE
CVE
added 2023/05/19 4:37 p.m.70 views

CVE-2023-1996

CVE-2023-1996 is a reflected XSS vulnerability affecting Dassault Systèmes 3DEXPERIENCE versions R2018x through R2023x. The issue enables an attacker to execute arbitrary script code via user-provided input in a reflected context. The CVSSv3.1 Base score is 6.1 (Medium) with network attack vector...

6.1CVSS6.1AI score0.00353EPSS
CVE
CVE
added 2024/09/02 11:49 a.m.64 views

CVE-2024-7939

CVE-2024-7939 describes a stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Dassault Systèmes 3DEXPERIENCE Release R2024x. The connected sources identify the affected component as 3DSwym/3DSwymer within the R2024x release and confirm the vulnerability type as stored ...

8.7CVSS6.6AI score0.00295EPSS
CVE
CVE
added 2024/09/02 11:48 a.m.58 views

CVE-2024-7932

CVE-2024-7932 is a stored XSS vulnerability in 3DSwymer’s 3DDashboard on the 3DEXPERIENCE R2024x release. The description notes that an attacker could cause arbitrary script execution in a user’s browser session. Affected software/component: 3DSwymer/3DDashboard integrated with 3DEXPERIENCE R2024...

8.7CVSS6.6AI score0.00295EPSS
CVE
CVE
added 2024/08/20 1:45 p.m.57 views

CVE-2024-6378

CVE-2024-6378 is a reflected XSS vulnerability in ENOVIA Collaborative Industry Innovator affecting 3DEXPERIENCE R2022x through R2024x. The connected sources clearly identify the affected product and the underlying issue: a reflected cross-site scripting flaw that could cause arbitrary script exe...

8.7CVSS7.9AI score0.00348EPSS
CVE
CVE
added 2024/08/20 1:44 p.m.56 views

CVE-2024-6379

CVE-2024-6379: A reflected Cross-site Scripting (XSS) vulnerability affects 3DSwymer in the 3DEXPERIENCE releases R2022x through R2024x. The issue enables execution of arbitrary script code in a user’s browser session. Connected sources also describe an associated open redirect vulnerability in 3...

7.7CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2024/09/02 11:48 a.m.56 views

CVE-2024-7938

CVE-2024-7938 is a stored XSS in 3DSwymer’s 3DDashboard affecting 3DEXPERIENCE R2023x through R2024x. The vulnerability stems from insecure handling of input in the dashboard, enabling arbitrary script execution in a user’s browser session. The PT-2024-38703 advisory explicitly lists the affected...

8.7CVSS6.6AI score0.00295EPSS
CVE
CVE
added 2024/08/20 1:45 p.m.55 views

CVE-2024-6377

The CVE-2024-6377 entry describes an open redirect vulnerability in 3DPassport within 3DSwymer, affecting Release 3DEXPERIENCE R2022x through R2024x. The issue allows an attacker to redirect users to an arbitrary website via a crafted URL. Affected component/function is 3DPassport in 3DSwymer; ro...

8.1CVSS6.9AI score0.00263EPSS
CVE
CVE
added 2023/08/28 3:37 p.m.50 views

CVE-2023-1997

CVE-2023-1997 describes an OS Command Injection vulnerability in SIMULIA 3DOrchestrate, affecting versions released in 3DEXPERIENCE R2021x through R2023x. The issue arises from a specially crafted HTTP request that can lead to arbitrary command execution, indicating a network-accessible vector wi...

8.8CVSS9.1AI score0.01724EPSS
CVE
CVE
added 2026/03/31 8:38 a.m.20 views

CVE-2025-10551

ENOVIA Collaborative Industry Innovator – Document Management (3DEXPERIENCE) is affected by CVE-2025-10551 in releases R2023x through R2025x. It is a Stored XSS vulnerability that could allow an attacker to execute arbitrary script in a user’s browser session. CVSSv3.1 base score 8.7 (High): AV:N...

8.7CVSS6.2AI score0.00166EPSS
CVE
CVE
added 2026/03/31 8:41 a.m.15 views

CVE-2025-10553

The CVE-2025-10553 entry applies to DELMIA Factory Resource Manager: Factory Resource Management within DELMIA’s 3DEXPERIENCE platform, affected from Release R2023x through R2025x. The vulnerability is a Stored Cross-site Scripting (XSS) flaw that can allow an attacker to execute arbitrary script...

8.7CVSS6.2AI score0.00166EPSS
CVE
CVE
added 2026/03/31 8:41 a.m.11 views

CVE-2025-10559

CVE-2025-10559 is a path traversal flaw in the DELMIA Factory Resource Manager (Factory Resource Management) affecting Release 3DEXPERIENCE R2023x through R2025x. The vulnerability arises from improper validation of inputs to the resource management component, allowing an attacker to read or writ...

9.1CVSS5.9AI score0.00271EPSS