CVE-2025-0599

Published Mar 17, 2025

Last updated 19 days ago

CVSS high 8.7

Overview

Description
A stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Source
3DS.Information-Security@3ds.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.7
Impact score
5.8
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Severity
HIGH

Weaknesses

3DS.Information-Security@3ds.com
CWE-79

Social media

Hype score
Not currently trending

  1. CVE-2025-0599 A stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows an atta… https://t.co/HXdrARyVpX

    @CVEnew

    17 Mar 2025

    289 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. [CVE-2025-0599: HIGH] Critical XSS vulnerability discovered in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x allows attackers to execute malicious code in user's browser during Document Ma...#cybersecurity,#vulnerability https://t.co/czIvyK1FrF https://t.

    @CveFindCom

    17 Mar 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References