CVE-2026-2101
Received Received - Intake
Reflected XSS in ENOVIAvpm Web Access Enables Script Execution

Publication date: 2026-02-16

Last updated on: 2026-02-16

Assigner: Dassault Systèmes

Description
A Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access from ENOVIAvpm Version 1 Release 16 through ENOVIAvpm Version 1 Release 19 allows an attacker to execute arbitrary script code in user's browser session.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-16
Last Modified
2026-02-16
Generated
2026-06-16
AI Q&A
2026-02-16
EPSS Evaluated
2026-06-15
NVD
CVE-2026-2101
EUVD
EUVD-2026-7826
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
enoviavpm enoviavpm_web_access From 1_release_16 (inc) to 1_release_19 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-2101 is a Reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIAvpm Web Access versions from 1 Release 16 through 1 Release 19.'}, {'type': 'paragraph', 'content': "This vulnerability allows an attacker to execute arbitrary script code within the user's browser session when interacting with the affected versions."}] [1]

Impact Analysis

[{'type': 'paragraph', 'content': "An attacker exploiting this vulnerability can execute arbitrary scripts in the context of the user's browser session."}, {'type': 'paragraph', 'content': 'This can lead to theft of sensitive information, session hijacking, or performing actions on behalf of the user without their consent.'}, {'type': 'paragraph', 'content': 'The vulnerability is rated with a high severity score (CVSS 8.7), indicating a significant impact on confidentiality and integrity.'}] [1]

Compliance Impact

I don't know

Detection Guidance

I don't know

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-2101. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart