Dassault Systèmes ENOVIA Collaborative Industry Innovator vRelease 3DEXPERIENCE R2024x.FP.CFA.2424 - 3 CVEs

CVE-2024-12091

A stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

HIGH CVSS 8.7 Published Dec 16, 2024

CVE-2024-7736

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

HIGH CVSS 8.7 Published Sep 19, 2024

CVE-2024-6378

A reflected Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x allows an attacker to execute arbitrary script code in user's browser session.

HIGH CVSS 8.7 Published Aug 20, 2024

Version Release 3DEXPERIENCE R2024x.FP.CFA.2424

Known Vulnerabilities

CVE-2024-12091

CVE-2024-7736

CVE-2024-6378