CVE-2026-9024

Name of the Vulnerable Software and Affected Versions DELMIA Service Process Engineer versions Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x

Description A Stored Cross-site Scripting (XSS) issue in Process Experience Studio allows an attacker to execute arbitrary script code within a user's browser session. Stored XSS occurs when a malicious script is permanently stored on the target server, such as in a database, and later served to other users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.