CVE-2025-4991 in Collaborative Industry Innovatorinfo

Summary

by MITRE • 05/30/2025

A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 05/30/2025

This stored cross-site scripting vulnerability exists within the 3D Markup functionality of Dassault Systèmes' collaborative innovation platform known as 3DEXPERIENCE. The flaw affects all releases from R2022x through R2025x, representing a significant security gap that persists across multiple generations of the software. The vulnerability specifically targets the 3D Markup component which enables users to create and share three-dimensional design elements within collaborative environments. This represents a critical weakness in the platform's input validation and output encoding mechanisms, where user-supplied markup data is not properly sanitized before being rendered in browser contexts.

The technical implementation of this vulnerability stems from insufficient sanitization of user inputs within the 3D Markup processing pipeline. When users submit markup content containing malicious script payloads, the system fails to adequately escape or filter special characters that could be interpreted as executable code by web browsers. This allows an attacker to inject malicious javascript code that gets stored within the platform's database or storage mechanisms. The stored nature of this vulnerability means that the malicious payload persists and executes automatically whenever other users view or interact with the compromised markup content, making it particularly dangerous for collaborative environments where multiple users access shared design elements.

The operational impact of this vulnerability extends beyond simple code execution, as it can lead to complete session hijacking and unauthorized access to user accounts. Attackers can leverage this vulnerability to steal session cookies, access sensitive design data, or perform actions on behalf of authenticated users. The collaborative nature of 3DEXPERIENCE makes this particularly concerning since a single compromised markup element can affect multiple users within a project team or organization. The vulnerability can be exploited through various attack vectors including direct user interaction with malicious markup or through automated scanning tools that identify and exploit the stored payload. This type of vulnerability directly aligns with CWE-79 which describes cross-site scripting flaws, and represents a clear violation of secure coding practices that should prevent untrusted data from being executed in browser contexts.

Mitigation strategies for this vulnerability should focus on implementing comprehensive input validation and output encoding mechanisms throughout the 3D Markup processing pipeline. Organizations should immediately implement proper sanitization of all user inputs and ensure that any markup data is properly escaped before being rendered in browser environments. The platform should employ Content Security Policy headers to prevent execution of unauthorized scripts and implement proper session management controls. Additionally, regular security audits and penetration testing should be conducted to identify similar vulnerabilities in other components of the 3DEXPERIENCE platform. This vulnerability also highlights the importance of following ATT&CK framework techniques related to initial access through web application attacks and privilege escalation through session hijacking. Organizations should also consider implementing web application firewalls and monitoring systems to detect and prevent exploitation attempts, while ensuring that all users receive appropriate security training regarding the risks of interacting with untrusted markup content. The vulnerability demonstrates the critical need for secure development practices and proper input validation in collaborative design platforms where user-generated content is a core feature.

Responsible

3DS

Reservation

05/20/2025

Disclosure

05/30/2025

Moderation

accepted

CPE

ready

EPSS

0.00266

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!