CVE-2025-0596

Published Mar 17, 2025

Last updated 18 days ago

CVSS high 8.7

Overview

Description
A stored Cross-site Scripting (XSS) vulnerability affecting Bookmark Editor in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Source
3DS.Information-Security@3ds.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.7
Impact score
5.8
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Severity
HIGH

Weaknesses

3DS.Information-Security@3ds.com
CWE-79

Social media

Hype score
Not currently trending

  1. CVE-2025-0596 A stored Cross-site Scripting (XSS) vulnerability affecting Bookmark Editor in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker… https://t.co/22dGG3Fps9

    @CVEnew

    17 Mar 2025

    339 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2025-0596: HIGH] Stored XSS vulnerability discovered in Bookmark Editor of ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x can enable attackers to run scripts in user's browser sessions...#cybersecurity,#vulnerability https://t.co/z6MS2raSek https://t.

    @CveFindCom

    17 Mar 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References