A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Vendor Advisory |
Configurations
History
27 Aug 2024, 09:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session. | |
CWE |
21 Aug 2024, 15:52
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
First Time |
3ds
3ds 3dexperience |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.1 |
CWE | CWE-79 | |
CPE | cpe:2.3:o:3ds:3dexperience:*:*:*:*:*:*:*:* | |
References | () https://www.3ds.com/vulnerability/advisories - Vendor Advisory |
20 Aug 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-08-20 14:15
Updated : 2024-08-27 09:15
NVD link : CVE-2024-6379
Mitre link : CVE-2024-6379
CVE.ORG link : CVE-2024-6379
JSON object : View
Products Affected
3ds
- 3dexperience
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')