CVE-2026-9024

Published Jun 1, 2026

Last updated a month ago

Overview

Description
A Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x could allow an attacker to execute arbitrary script code in user's browser session.
Source
3DS.Information-Security@3ds.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.7
Impact score
5.8
Exploitability score
2.3
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Severity
HIGH

Weaknesses

3DS.Information-Security@3ds.com
CWE-79

Social media

Hype score
Not currently trending