CVE-2024-7938

Name of the Vulnerable Software and Affected Versions: 3DSwymer versions 3DEXPERIENCE R2023x through 3DEXPERIENCE R2024x

Description: A stored Cross-site Scripting (XSS) vulnerability affects 3DDashboard in 3DSwymer, allowing an attacker to execute arbitrary script code in a user's browser session. This issue enables the execution of malicious scripts, potentially leading to unauthorized actions on behalf of the user.

Recommendations: For versions 3DEXPERIENCE R2023x through 3DEXPERIENCE R2024x, update to a version that includes the fix for this stored Cross-site Scripting (XSS) vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.