CVE-2025-10554
24.11.2025, 16:15
A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in ENOVIA Product Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
| Vendor | Product | Version |
|---|---|---|
| 3ds | 3dexperience_enovia | r2023x ≤ 𝑥 ≤ r2025x |
𝑥
= Vulnerable software versions