PT-2023-32204 · 3Dswymer+1 · 3Dswymer+1
Published
2023-11-21
·
Updated
2023-11-25
·
CVE-2023-5599
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
3DSwymer versions Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x
Description
A stored Cross-site Scripting (XSS) issue allows an attacker to execute arbitrary script code. This affects the 3DDashboard component.
Recommendations
For versions Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x, consider disabling the 3DDashboard component until a patch is available to prevent exploitation of the stored Cross-site Scripting issue.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
3Ddashboard
3Dswymer