A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Fri, 13 Sep 2024 07:15:00 +0000

Type Values Removed Values Added
Description A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Wed, 04 Sep 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared 3ds
3ds 3dexperience
CPEs cpe:2.3:a:3ds:3dexperience:r2024x:*:*:*:*:*:*:*
Vendors & Products 3ds
3ds 3dexperience

Tue, 03 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Dassault
Dassault 3dswymer 3dexperience 2024
CPEs cpe:2.3:a:dassault:3dswymer_3dexperience_2024:*:*:*:*:*:*:*:*
Vendors & Products Dassault
Dassault 3dswymer 3dexperience 2024
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 02 Sep 2024 12:00:00 +0000

Type Values Removed Values Added
Description A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Title Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 8.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: 3DS

Published:

Updated: 2024-09-13T07:02:11.678Z

Reserved: 2024-08-19T14:08:42.679Z

Link: CVE-2024-7932

cve-icon Vulnrichment

Updated: 2024-09-03T14:10:31.869Z

cve-icon NVD

Status : Modified

Published: 2024-09-02T12:15:20.130

Modified: 2024-09-13T07:15:06.800

Link: CVE-2024-7932

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.