Stored XSS Vulnerability in ENOVIA Collaborative Industry Innovator by Dassault Systèmes
CVE-2025-0596

Currently unrated

Key Information:

Vendor

Dassault Systèmes

Status
ENOVIA Collaborative Industry Innovator
Vendor
CVE Published:
17 March 2025

What is CVE-2025-0596?

A stored Cross-site Scripting (XSS) vulnerability in the Bookmark Editor of ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x permits attackers to inject malicious script into an application, allowing them to execute arbitrary code within the context of a user's browser session. This could lead to unauthorized access to sensitive data and compromise user accounts, making it essential for users to be aware of this risk and take necessary precautions.

References

https://www.3ds.com/vulnerability/advisories

Timeline

  • Vulnerability published

.
CVE-2025-0596 : Stored XSS Vulnerability in ENOVIA Collaborative Industry Innovator by Dassault Systèmes