CVE-2025-4983

Name of the Vulnerable Software and Affected Versions City Referential Manager on Release 3DEXPERIENCE R2025x

Description A stored Cross-site Scripting (XSS) vulnerability in City Referential Manager allows an attacker to execute arbitrary script code in a user's browser session. This enables the attacker to run code in the user's browser.

Recommendations For City Referential Manager on Release 3DEXPERIENCE R2025x, consider disabling the execution of scripts in the City Referential component until a patch is available. Restrict access to the City Referential Manager to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.