8.7
CVE-2025-4985 - Stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manaβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2025-4986 - Stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager from β¦
A stored Cross-site Scripting (XSS) vulnerability affecting Model Definition in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2025-4988 - Stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in Multidisciplinary Opβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting Results Analytics in Multidisciplinary Optimization Engineer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2025-4989 - Stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Releβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2025-4990 - Stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager fromβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2025-4991 - Stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
8.7
CVE-2025-4992 - Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Proceβ¦
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
0.0
CVE-2025-48331 - WordPress WooCommerce Orders & Customers Exporter <= 5.0 - Sensitive Data Exposure Vulnerability
Insertion of Sensitive Information Into Sent Data vulnerability in vanquish WooCommerce Orders & Customers Exporter woocommerce-orders-customers-exporter allows Retrieve Embedded Sensitive Data.This issue affects WooCommerce Orders & Customers Exporter: from n/a through <= 5.0.
9.1
CVE-2025-2500 -
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded.
6.3
CVE-2025-1484 -
A vulnerability exists in the media upload component of the Asset Suite versions listed below. If successfully exploited an attacker could impact the confidentiality or integrity of the system. An attacker can use this vulnerability to construct a request that will cause JavaScript code suppliedβ¦