A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Vendor Advisory |
Configurations
History
21 Aug 2024, 15:53
Type | Values Removed | Values Added |
---|---|---|
First Time |
3ds
3ds 3dexperience |
|
References | () https://www.3ds.com/vulnerability/advisories - Vendor Advisory | |
Summary |
|
|
CPE | cpe:2.3:o:3ds:3dexperience:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
20 Aug 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-20 14:15
Updated : 2024-08-21 15:53
NVD link : CVE-2024-6378
Mitre link : CVE-2024-6378
CVE.ORG link : CVE-2024-6378
JSON object : View
Products Affected
3ds
- 3dexperience
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')