A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.3ds.com/vulnerability/advisories |
History
Wed, 16 Oct 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dassult
Dassult enovia Collaborative Industry Innovator |
|
CPEs | cpe:2.3:a:dassult:enovia_collaborative_industry_innovator:*:*:*:*:*:*:*:* | |
Vendors & Products |
Dassult
Dassult enovia Collaborative Industry Innovator |
|
Metrics |
ssvc
|
Wed, 16 Oct 2024 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | |
Title | Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: 3DS
Published: 2024-10-16T11:28:28.769Z
Updated: 2024-10-16T16:18:04.990Z
Reserved: 2024-06-27T08:01:26.423Z
Link: CVE-2024-6380
Vulnrichment
Updated: 2024-10-16T16:17:55.407Z
NVD
Status : Awaiting Analysis
Published: 2024-10-16T12:15:08.767
Modified: 2024-10-16T16:38:14.557
Link: CVE-2024-6380
Redhat
No data.