CVE 8.7 HIGH

Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x_CVE-2025-10555

November 24, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Description

A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

AI Analysis

Stored Cross-site Scripting (XSS) vulnerability in DELMIA Service Process Engineer

Basic Information

ID CVE-2025-10555

Source 3DS

Published Nov 24, 2025 at 15:31

Modified Nov 24, 2025 at 16:02

Affected Product

Vendor Dassault Systèmes

Product DELMIA Service Process Engineer

Version Release 3DEXPERIENCE R2025x Golden

Affected Versions Dassault Systèmes DELMIA Service Process Engineer Release 3DEXPERIENCE R2025x Golden

CWE Classification

CWE-79

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Dassault Systèmes

Product DELMIA Service Process Engineer

Version Release 3DEXPERIENCE R2025x Golden

References

www.3ds.com /trust-center/security/security-advisories/cve-2025-10555

{
    "lastseen": "",
    "description": "A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.",
    "published": "2025-11-24T15:31:54.111Z",
    "modified": "2025-11-24T16:02:51.305Z",
    "type": "cve",
    "title": "Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x",
    "source": "3DS",
    "references": "https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10555",
    "id": "CVE-2025-10555",
    "bulletinFamily": "",
    "cwe": [
        "CWE-79"
    ],
    "cvelist": null,
    "sourceData": "Dassault Syst\u00e8mes DELMIA Service Process Engineer Release 3DEXPERIENCE R2025x Golden",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DELMIA Service Process Engineer",
    "version": "Release 3DEXPERIENCE R2025x Golden",
    "vendor": "Dassault Syst\u00e8mes",
    "ai_description": "Stored Cross-site Scripting (XSS) vulnerability in DELMIA Service Process Engineer",
    "ai_severity": "High",
    "ai_vendor": "Dassault Syst\u00e8mes",
    "ai_product": "DELMIA Service Process Engineer",
    "ai_version": "Release 3DEXPERIENCE R2025x Golden",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply