CVE-2025-0829

Name of the Vulnerable Software and Affected Versions ENOVIA Collaborative Industry Innovator versions 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x

Description A stored Cross-site Scripting (XSS) vulnerability in the 3D Markup component of ENOVIA Collaborative Industry Innovator allows an attacker to execute arbitrary script code in a user's browser session. This issue gives attackers the ability to run malicious scripts in user browsers.

Recommendations For versions 3DEXPERIENCE R2022x through 3DEXPERIENCE R2024x, update the system to avoid exploits. At the moment, there is no information about a newer version that contains a fix for this vulnerability.