CVE 8.7 HIGH

Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x_CVE-2026-9024

June 1, 2026 invoker category_cve
8.7 / 10
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Description

A Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x could allow an attacker to execute arbitrary script code in user's browser session.

AI Analysis

Stored Cross-site Scripting (XSS) vulnerability in DELMIA Service Process Engineer

Basic Information

ID CVE-2026-9024
Source 3DS
Published Jun 1, 2026 at 08:21

Affected Product

Vendor Dassault Systèmes
Product DELMIA Service Process Engineer
Version Release 3DEXPERIENCE R2024x Golden
Affected Versions Dassault Systèmes DELMIA Service Process Engineer Release 3DEXPERIENCE R2024x Golden
Dassault Systèmes DELMIA Service Process Engineer Release 3DEXPERIENCE R2025x Golden
Dassault Systèmes DELMIA Service Process Engineer Release 3DEXPERIENCE R2026x Golden

CWE Classification

CWE-79

AI Assessment

AI Score 8.7 / 10
AI Severity High
Vendor Dassault Systèmes
Product DELMIA Service Process Engineer
Version Release 3DEXPERIENCE R2024x Golden, Release 3DEXPERIENCE R2025x Golden, Release 3DEXPERIENCE R2026x Golden

References

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.