CVE-2025-0599

8.7 HIGH

📋 TL;DR

A stored Cross-site Scripting (XSS) vulnerability in ENOVIA Collaborative Industry Innovator's Document Management allows attackers to inject malicious scripts that execute in users' browsers. This affects organizations using 3DEXPERIENCE R2024x with ENOVIA, potentially compromising user sessions and data.

💻 Affected Systems

Products:
  • ENOVIA Collaborative Industry Innovator
Versions: 3DEXPERIENCE R2024x
Operating Systems: All platforms running ENOVIA
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Document Management component specifically; requires user interaction with malicious content.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, perform actions as authenticated users, exfiltrate sensitive data, or deploy malware to users' systems.

🟠 Likely Case

Session hijacking leading to unauthorized access to documents and systems, data theft, or defacement of the document management interface.

🟢 If Mitigated

Limited impact with proper input validation, output encoding, and Content Security Policy (CSP) headers in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires attacker to have ability to upload or modify documents; exploitation depends on user interaction with malicious content.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patch version

Vendor Advisory: https://www.3ds.com/vulnerability/advisories

Restart Required: No

Instructions:

1. Review vendor advisory for patch details.
2. Apply the official patch from Dassault Systèmes.
3. Test in non-production environment first.
4. Deploy to production systems.

🔧 Temporary Workarounds

Implement Content Security Policy

all

Add CSP headers to restrict script execution sources

Add 'Content-Security-Policy' header with appropriate directives

Input Validation Enhancement

all

Implement strict input validation on document uploads and content

Configure input validation rules in ENOVIA settings

🧯 If You Can't Patch

  • Restrict document upload permissions to trusted users only
  • Implement web application firewall (WAF) rules to block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Test document upload with XSS payloads; check if scripts execute when viewed

Check Version:

Check ENOVIA version in administration console or via vendor documentation

Verify Fix Applied:

Retest with XSS payloads after patch; verify scripts are properly sanitized

📡 Detection & Monitoring

Log Indicators:

  • Unusual document upload patterns
  • Script tags in document content logs
  • Multiple failed XSS attempts

Network Indicators:

  • HTTP requests containing script payloads in document parameters
  • Unusual outbound connections after document views

SIEM Query:

source="ENOVIA" AND (event="document_upload" AND (content CONTAINS "<script>" OR content CONTAINS "javascript:"))
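
The query above matches only the literal strings `<script>` and `javascript:`, so differently cased or encoded content passes it. The following is an added example, not vendor code or part of the original advisory: the same check in Python with decoding and case folding applied first. The JSON log layout, the `user` field and the function names are assumptions; `event` and `content` are taken from the query.

```python
import html
import json
import re
from urllib.parse import unquote

# Indicators from the query above, widened to tolerate attributes and spacing.
PATTERNS = {
    "script_tag": re.compile(r"<\s*script\b"),
    "javascript_uri": re.compile(r"javascript\s*:"),
    # Assumption: inline event-handler attributes are also worth flagging.
    "event_handler": re.compile(r"<[^>]*\son\w+\s*="),
}

# Constructed sample log lines (assumed JSON layout, not real ENOVIA output).
SAMPLE_LOG = [
    '{"event": "document_upload", "user": "alice", "content": "Q3 design notes"}',
    '{"event": "document_upload", "user": "bob", "content": "<ScRiPt src=x>"}',
    '{"event": "document_upload", "user": "carol", "content": "%3Cscript%3E"}',
    '{"event": "document_upload", "user": "erin", "content": "&lt;img onerror=x&gt;"}',
]


def normalize(text, rounds=3):
    """URL-decode and HTML-entity-decode until stable, then lowercase."""
    for _ in range(rounds):
        text, previous = html.unescape(unquote(text)), text
        if text == previous:
            break
    return text.lower()


def scan_event(event):
    """Return the sorted names of indicators found in one upload event."""
    if event.get("event") != "document_upload":
        return []
    content = normalize(str(event.get("content", "")))
    return sorted(name for name, rx in PATTERNS.items() if rx.search(content))


def scan_log(lines):
    """Yield (line_number, user, hits) for each suspicious JSON log line."""
    for number, line in enumerate(lines, start=1):
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # ignore lines that are not JSON events
        hits = scan_event(event) if isinstance(event, dict) else []
        if hits:
            yield number, event.get("user", "?"), hits
```

Running `list(scan_log(SAMPLE_LOG))` flags lines 2, 3 and 4; of those, the literal query would have matched none, since line 2 differs in case and lines 3 and 4 are encoded.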
