A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
History

Fri, 13 Sep 2024 07:15:00 +0000

Type Values Removed Values Added
Description A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Wed, 04 Sep 2024 15:15:00 +0000

Type Values Removed Values Added
First Time appeared 3ds
3ds 3dexperience
CPEs cpe:2.3:a:3ds:3dexperience:r2024x:*:*:*:*:*:*:*
Vendors & Products 3ds
3ds 3dexperience

Tue, 03 Sep 2024 14:30:00 +0000

Type Values Removed Values Added
First Time appeared Dassault
Dassault 3dswymer 3dexperience 2024
CPEs cpe:2.3:a:dassault:3dswymer_3dexperience_2024:*:*:*:*:*:*:*:*
Vendors & Products Dassault
Dassault 3dswymer 3dexperience 2024
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 02 Sep 2024 12:00:00 +0000

Type Values Removed Values Added
Description A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Title Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 8.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: 3DS

Published: 2024-09-02T11:48:47.727Z

Updated: 2024-09-13T07:02:11.678Z

Reserved: 2024-08-19T14:08:42.679Z

Link: CVE-2024-7932

cve-icon Vulnrichment

Updated: 2024-09-03T14:10:31.869Z

cve-icon NVD

Status : Modified

Published: 2024-09-02T12:15:20.130

Modified: 2024-09-13T07:15:06.800

Link: CVE-2024-7932

cve-icon Redhat

No data.