Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Dassault Systèmes | Collaborative Industry Innovator | unaffected |
|
No data.
No data.
No data available yet.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2025-16499 | A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. |
| Link | Providers |
|---|---|
| https://www.3ds.com/vulnerability/advisories |
|
Fri, 30 May 2025 23:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 30 May 2025 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session. | |
| Title | Stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x | |
| Weaknesses | CWE-79 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
MITRE
Status: PUBLISHED
Assigner: 3DS
Published:
Updated: 2025-05-30T22:00:25.737Z
Reserved: 2025-05-20T07:30:44.474Z
Link: CVE-2025-4991
Vulnrichment
Updated: 2025-05-30T14:39:15.805Z
NVD
Status : Deferred
Published: 2025-05-30T15:15:42.703
Modified: 2026-04-15T00:35:42.020
Link: CVE-2025-4991
Redhat
No data.
OpenCVE Enrichment
No data.