exploitDog

CVE-2024-7736

Опубликовано: 19 сент. 2024

Источник: nvd

CVSS3: 8.7

CVSS3: 5.4

EPSS Низкий

Описание

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

Ссылки

https://www.3ds.com/vulnerability/advisories
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:3ds:3dexperience_enovia:*:*:*:*:*:*:*:*

Версия от r2022x (включая) до r2024x (включая)

EPSS

Процентиль: 67%

0.00545

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-6g58-3572-wc68

CVSS3: 8.7

github

больше 1 года назад

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

EPSS

Процентиль: 67%

0.00545

Низкий

8.7 High

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79