Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Dassault Systèmes | Collaborative Industry Innovator | unaffected |
|
No data.
No data.
No data available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-16499 | A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. |
| Link | Providers |
|---|---|
| https://www.3ds.com/vulnerability/advisories |
|
Fri, 30 May 2025 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 30 May 2025 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | |
| Title | Stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
MITRE
Status: PUBLISHED
Assigner: 3DS
Published:
Updated: 2025-05-30T22:00:25.737Z
Reserved: 2025-05-20T07:30:44.474Z
Link: CVE-2025-4991
Vulnrichment
Updated: 2025-05-30T14:39:15.805Z
NVD
Status : Awaiting Analysis
Published: 2025-05-30T15:15:42.703
Modified: 2025-05-30T16:31:03.107
Link: CVE-2025-4991
Redhat
No data.
OpenCVE Enrichment
No data.