CVE-2024-7737

Name of the Vulnerable Software and Affected Versions 3DSwymer versions 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x

Description A stored Cross-site Scripting (XSS) vulnerability allows an attacker to execute arbitrary script code in a user's browser session. This issue affects the 3DSwym component in 3DSwymer, enabling attackers to run malicious scripts in user sessions and posing serious cybersecurity risks.

Recommendations For versions 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x, consider disabling any functionality that may trigger the stored XSS vulnerability until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.