A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Third Party Advisory Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
25 Nov 2023, 01:23
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:dassault:3dswymer_3dexperience_2023:fp.cfa.2333:*:*:*:*:*:*:* cpe:2.3:a:dassault:3dswymer_3dexperience_2022:fp.cfa.2337:*:*:*:*:*:*:* |
|
References | () https://www.3ds.com/vulnerability/advisories - Third Party Advisory, Vendor Advisory | |
First Time |
Dassault 3dswymer 3dexperience 2022
Dassault 3dswymer 3dexperience 2023 Dassault |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
CWE | CWE-79 |
21 Nov 2023, 10:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-21 10:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-5599
Mitre link : CVE-2023-5599
CVE.ORG link : CVE-2023-5599
JSON object : View
Products Affected
dassault
- 3dswymer_3dexperience_2023
- 3dswymer_3dexperience_2022
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')