Stored Cross-site Scripting Vulnerability in 3DSwymer by Dassault Systèmes
CVE-2025-0827

Currently unrated

Key Information:

Vendor

Dassault Systèmes

Status
3DSwymer
Vendor
CVE Published:
17 March 2025

What is CVE-2025-0827?

A stored Cross-site Scripting (XSS) vulnerability in 3DSwymer from Dassault Systèmes enables attackers to inject malicious scripts that can be executed in the browser session of users. This vulnerability is present in versions from Release 3DEXPERIENCE R2022x to R2024x, allowing unauthorized execution of scripts when users interact with compromised content.

References

https://www.3ds.com/vulnerability/advisories

Timeline

  • Vulnerability published

.