CVE-2023-5599 MEDIUM

CVE-2023-5599: Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x

Vendor Dassault Systèmes
Product 3DSwymer
Weakness CWE-79 · XSS
Published November 21, 2023
Last update August 7, 2024
View on NVD All CVEs

CVSS base score

5.4/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

What the vulnerability does

01Description

A stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2023x allows an attacker to execute arbitrary script code.

Key dates

02Disclosure timeline

November 21, 2023 CVE published
August 7, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-54034 Adobe Connect | Cross-site Scripting (Reflected XSS) (CWE-79) CVE-2023-47114 Ethyca Fides HTML Injection Vulnerability in HTML-Formatted DSR Packages CVE-2025-12300 code-projects Simple Food Ordering System addcategory.php cross site scripting CVE-2021-24255 Essential Addons for Elementor < 4.5.4 - Contributor+ Stored Cross-Site Scripting (XSS) CVE-2023-46211 WordPress Ultimate Addons for WPBakery Page Builder Plugin <= 3.19.14 is vulnerable to Cross Site Scripting (XSS)