CVE-2025-0599

Name of the Vulnerable Software and Affected Versions ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x

Description A stored Cross-site Scripting (XSS) vulnerability affecting Document Management allows an attacker to execute arbitrary script code in a user's browser session. This issue enables attackers to execute malicious code in a user's browser during Document Management.

Recommendations For ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x, consider disabling Document Management functionality until a patch is available to prevent the execution of arbitrary script code in user's browser sessions. Restrict access to Document Management to minimize the risk of exploitation.