exploitDog

CVE-2024-12091

Опубликовано: 16 дек. 2024

Источник: nvd

CVSS3: 8.7

CVSS3: 5.4

EPSS Низкий

Описание

A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Ссылки

https://www.3ds.com/vulnerability/advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:3ds:3dexperience_enovia:*:*:*:*:*:*:*:*

Версия от r2022x (включая) до r2024x (включая)

EPSS

Процентиль: 72%

0.007

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-c82h-4vv7-76g8

CVSS3: 8.7

github

около 1 года назад

A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

EPSS

Процентиль: 72%

0.007

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79