CVE-2025-0832

Published Mar 17, 2025

Last updated 18 days ago

CVSS high 8.7

Overview

Description
A stored Cross-site Scripting (XSS) vulnerability affecting Project Gantt in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
Source
3DS.Information-Security@3ds.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.7
Impact score
5.8
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Severity
HIGH

Weaknesses

3DS.Information-Security@3ds.com
CWE-79

Social media

Hype score
Not currently trending

  1. [CVE-2025-0832: HIGH] Critical XSS vulnerability in Project Gantt of ENOVIA Collaborative Industry Innovator versions R2022x to R2024x permits attackers to run arbitrary script code in user browsers, posing a sign...#cybersecurity,#vulnerability https://t.co/DYkfYVbvWG https://t.

    @CveFindCom

    17 Mar 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References