A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
References
Link | Resource |
---|---|
https://www.3ds.com/vulnerability/advisories | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Sep 2024, 14:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
CPE | cpe:2.3:a:3ds:3dexperience:r2024x:*:*:*:*:*:*:* cpe:2.3:a:3ds:3dexperience:r2023x:*:*:*:*:*:*:* |
|
First Time |
3ds
3ds 3dexperience |
|
References | () https://www.3ds.com/vulnerability/advisories - Vendor Advisory |
03 Sep 2024, 12:59
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
02 Sep 2024, 12:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-09-02 12:15
Updated : 2024-09-04 14:53
NVD link : CVE-2024-7938
Mitre link : CVE-2024-7938
CVE.ORG link : CVE-2024-7938
JSON object : View
Products Affected
3ds
- 3dexperience
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')