CNNVD-202510-1687 Information

CNNVD ID

CNNVD-202510-1687

Related CVE

CVE-2025-10556

• CNNVD Published: 2025-10-13

Description (Chinese)

Dassault Systèmes ENOVIA Specification Manager是法国达索系统（Dassault Systèmes）公司的一个用于创建、管理和协作产品规格的应用模块。 Dassault Systèmes ENOVIA Specification Manager存在安全漏洞，该漏洞源于存储型跨站脚本漏洞，可能导致攻击者在用户浏览器会话中执行任意脚本代码。

Description (English)

Dassault Systèmes ENOVIA Specification Manager is an application module for the creation, management and collaboration of product specifications of Dassault Systèmes, France. Dassault Systèmes ENOVIA Specification Manager has a security loophole, which stems from the storage-type cross-site script loophole, which may lead the assailant to enforce any script code in the user browser session.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Dassault Systèmes

Published

2025-10-13

Last Modified

2026-02-24

References

https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10556

Patch

https://www.3ds.com/products/enovia