CVE-2024-7736

Name of the Vulnerable Software and Affected Versions ENOVIA Collaborative Industry Innovator versions 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x

Description A reflected Cross-site Scripting (XSS) vulnerability allows an attacker to execute arbitrary script code in a user's browser session. This issue exposes user data to attackers.

Recommendations For ENOVIA Collaborative Industry Innovator versions 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to sensitive data and implementing additional security measures to minimize the risk of exploitation.