First published: Tue Nov 21 2023(Updated: )
Stored Cross-site Scripting (XSS) vulnerabilities affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allow an attacker to execute arbitrary script code.
Credit: 3DS.Information-Security@3ds.com
Affected Software | Affected Version | How to fix |
---|---|---|
Dassault 3dswymer 3dexperience 2022 | =fp.cfa.2337 | |
Dassault 3dswymer 3dexperience 2023 | =fp.cfa.2333 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-5598 is medium with a severity value of 5.4.
CVE-2023-5598 is a stored Cross-site Scripting (XSS) vulnerability affecting 3DSwym in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x, which allows an attacker to execute arbitrary script code.
CVE-2023-5598 affects Dassault 3dswymer 3dexperience 2022 (version fp.cfa.2337) and Dassault 3dswymer 3dexperience 2023 (version fp.cfa.2333).
An attacker can exploit CVE-2023-5598 by injecting malicious script code into 3DSwym in 3DSwymer and executing it on the targeted user's browser.
It is recommended to apply the latest updates and patches provided by Dassault to mitigate the CVE-2023-5598 vulnerability.