CVE-2023-2139 MEDIUM

CVE-2023-2139: Reflected Cross-site Scripting vulnerability affecting DELMIA Apriso Release 2017 through Release 2022

Vendor Dassault Systèmes
Product DELMIA Apriso
Weakness CWE-79 · XSS
Published April 21, 2023
Last update February 4, 2025

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

What the vulnerability does

01Description

A reflected Cross-site Scripting (XSS) Vulnerability in DELMIA Apriso Release 2017 through Release 2022 allows an attacker to execute arbitrary script code.

Key dates

02Disclosure timeline

April 21, 2023 CVE published
February 4, 2025 Record updated