3dexperience

Vendor: 3ds • 11 CVEs

CVEs (11)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-10559 13ds 13dexperience Apr 6, 2026 Mar 31, 2026 N/A· v4 9.1 CRITICAL· v3 N/A· v2 A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in sp...Show more A Path Traversal vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to read or write files in specific directories on the server.Show less
CVE-2025-10553 13ds 13dexperience Apr 6, 2026 Mar 31, 2026 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execut...Show more A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.Show less
CVE-2025-10551 13ds 13dexperience Apr 13, 2026 Mar 31, 2026 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execut...Show more A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.Show less
CVE-2024-7939 13ds 13dexperience Sep 13, 2024 Sep 2, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2024-7938 13ds 13dexperience Sep 4, 2024 Sep 2, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's brows...Show more A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.Show less
CVE-2024-7932 13ds 13dexperience Sep 13, 2024 Sep 2, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer on Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2024-6379 13ds 13dexperience Aug 27, 2024 Aug 20, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A reflected Cross-site Scripting (XSS) vulnerability affecting 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2024-6378 13ds 13dexperience Aug 21, 2024 Aug 20, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script c...Show more A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.Show less
CVE-2024-6377 13ds 13dexperience Aug 27, 2024 Aug 20, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrar...Show more An URL redirection to untrusted site (open redirect) vulnerability affecting 3DPassport in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to redirect users to an arbitrary website via a crafted URL.Show less
CVE-2023-1997 13ds 13dexperience Nov 21, 2024 Aug 28, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 An OS Command Injection vulnerability exists in SIMULIA 3DOrchestrate from Release 3DEXPERIENCE R2021x through Release 3DEXPERIENCE R2023x. A specially crafted HTTP request can lead to arbitrary command execution.
CVE-2023-1996 13ds 13dexperience Nov 21, 2024 May 19, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A reflected Cross-site Scripting (XSS) vulnerability in Release 3DEXPERIENCE R2018x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code.