Stored Cross-site Scripting Vulnerability in ENOVIA Collaborative Industry Innovator
CVE-2025-0601

Currently unrated

Key Information:

Vendor: Dassault Systèmes
Status: ENOVIA Collaborative Industry Innovator
Vendor: CVE Published:; 17 March 2025

🔔 Create Dassault Systèmes Vulnerability Alert

What is CVE-2025-0601?

A vulnerability exists in ENOVIA Collaborative Industry Innovator that allows an attacker to exploit stored Cross-site Scripting (XSS) within Issue Management. This flaw enables unauthorized execution of arbitrary scripts in the context of a user's web session, potentially compromising sensitive information or executing malicious commands. Ensuring your applications are patched and maintaining security best practices can mitigate potential risks.

References

https://www.3ds.com/vulnerability/advisories

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 17, 2025