- Description
- A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
- Source
- 3DS.Information-Security@3ds.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.7
- Impact score
- 5.8
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
- Severity
- HIGH
- 3DS.Information-Security@3ds.com
- CWE-79
- Hype score
- Not currently trending
CVE-2025-4985 A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R… https://t.co/fdlPH2Rcee
@CVEnew
30 May 2025
228 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4985: HIGH] Important Alert: Vulnerability in Project Portfolio Manager software versions 3DEXPERIENCE R2022x to R2025x enables attackers to run malicious scripts in user's browser. Update now.#cve,CVE-2025-4985,#cybersecurity https://t.co/2WFLxvQhhj https://t.co/22iZ2A
@CveFindCom
30 May 2025
34 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes