CVE-2025-4984

Name of the Vulnerable Software and Affected Versions City Referential Manager versions 3DEXPERIENCE R2025x

Description A stored Cross-site Scripting (XSS) issue affects City Discover within City Referential Manager. Exploitation allows an attacker to execute arbitrary script code within a user's browser session. A Cross-site Scripting (XSS) attack occurs when malicious scripts are injected into trusted websites. This can allow attackers to bypass access controls and execute malicious code in a user's browser.

Recommendations City Referential Manager version 3DEXPERIENCE R2025x: At the moment, there is no information about a newer version that contains a fix for this vulnerability.