CVE-2024-7932

A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
References
Link Resource
https://www.3ds.com/vulnerability/advisories Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:3ds:3dexperience:r2024x:*:*:*:*:*:*:*

History

13 Sep 2024, 07:15

Type Values Removed Values Added
Summary (en) A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer Release on 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. (en) A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

04 Sep 2024, 14:52

Type Values Removed Values Added
References () https://www.3ds.com/vulnerability/advisories - () https://www.3ds.com/vulnerability/advisories - Vendor Advisory
CPE cpe:2.3:a:3ds:3dexperience:r2024x:*:*:*:*:*:*:*
First Time 3ds 3dexperience
3ds
CVSS v2 : unknown
v3 : 8.7
v2 : unknown
v3 : 5.4

03 Sep 2024, 12:59

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de Cross-site Scripting (XSS) Almacenado que afecta a 3DDashboard en 3DSwymer Release en 3DEXPERIENCE R2024x permite a un atacante ejecutar código de script arbitrario en la sesión del navegador del usuario.

02 Sep 2024, 12:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-09-02 12:15

Updated : 2024-09-13 07:15


NVD link : CVE-2024-7932

Mitre link : CVE-2024-7932

CVE.ORG link : CVE-2024-7932


JSON object : View

Products Affected

3ds

  • 3dexperience
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')