- Description
- A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
- Source
- 3DS.Information-Security@3ds.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.7
- Impact score
- 5.8
- Exploitability score
- 2.3
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
- Severity
- HIGH
- 3DS.Information-Security@3ds.com
- CWE-79
- Hype score
- Not currently trending
CVE-2025-4991 A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE … https://t.co/NlSHYUry5D
@CVEnew
30 May 2025
271 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-4991: HIGH] Critical XSS flaw in 3D Markup of Collaborative Industry Innovator allows attackers to run malicious scripts in user browsers from version R2022x to R2025x #cybersecurity#cve,CVE-2025-4991,#cybersecurity https://t.co/tcIMl6T3Hv https://t.co/AdFIGSoqxE
@CveFindCom
30 May 2025
24 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes