CVE-2025-10552
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-10-13
Last updated on: 2025-12-04
Assigner: Dassault Systèmes
Description
Description
A stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| 3ds | 3dswymer | r2025x |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-10552 is a stored Cross-site Scripting (XSS) vulnerability in the 3DSwym component of 3DSwymer on the 3D EXPERIENCE platform (Release R2025x). It allows an attacker to inject and execute arbitrary script code within a user's browser session. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute arbitrary scripts in your browser session, which can lead to compromise of user data or session integrity. [1]
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70