CVE-2025-0602
📋 TL;DR
A stored Cross-site Scripting (XSS) vulnerability in the Compare feature of Collaborative Industry Innovator within 3DEXPERIENCE allows attackers to inject malicious scripts that execute in users' browsers. This affects all users of 3DEXPERIENCE releases from R2023x through R2025x. The vulnerability enables session hijacking, data theft, and unauthorized actions within authenticated sessions.
💻 Affected Systems
- 3DEXPERIENCE Collaborative Industry Innovator
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete account takeover leading to data exfiltration, privilege escalation, and lateral movement within the 3DEXPERIENCE environment.
Likely Case
Session hijacking allowing unauthorized access to user data and functionality, potentially leading to data theft or manipulation.
If Mitigated
Limited impact with proper input validation and output encoding, though some data exposure may still occur.
🎯 Exploit Status
Stored XSS requires an attacker to inject a malicious script into the Compare feature; the script then executes when other users view the content.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patched versions
Vendor Advisory: https://www.3ds.com/vulnerability/advisories
Restart Required: Yes
Instructions:
1. Review vendor advisory for specific patch details.
2. Apply the latest security update from Dassault Systèmes.
3. Restart affected 3DEXPERIENCE services.
4. Verify the fix by testing the Compare feature.
🔧 Temporary Workarounds
Input Validation and Sanitization
Implement strict input validation and output encoding for the Compare feature to prevent script injection.
Content Security Policy (CSP)
Implement a strict CSP header to restrict script execution sources and prevent inline script execution.
🧯 If You Can't Patch
- Disable the Compare feature if not essential for business operations.
- Implement web application firewall (WAF) rules to detect and block XSS payloads targeting the Compare functionality.
🔍 How to Verify
Check if Vulnerable:
Test the Compare feature by attempting to inject basic XSS payloads (e.g., <script>alert('test')</script>) and observing if they execute.
Check Version:
Check 3DEXPERIENCE version through administration console or by consulting system documentation.
Verify Fix Applied:
After patching, repeat XSS testing with various payloads to confirm they are properly sanitized and do not execute.
📡 Detection & Monitoring
Log Indicators:
- Unusual script tags or JavaScript in Compare feature logs
- Multiple failed XSS attempts in web server logs
Network Indicators:
- HTTP requests containing suspicious script patterns to Compare endpoints
- Unexpected JavaScript execution in browser sessions
SIEM Query:
source="web_server" AND (uri="*compare*" OR uri="*Compare*") AND (content="<script>" OR content="javascript:")
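The SIEM query above matches only the literal strings, so percent-encoded or mixed-case input slips past it. The following is an added example, not part of the original page or any vendor tooling: a log scanner that applies the same two indicators to Compare requests after decoding the query string. The log format, the `/app/compare` paths and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample access-log lines; the paths are hypothetical and do not
# reflect real 3DEXPERIENCE endpoints.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Mar/2025:10:01:02 +0000] "GET /app/compare?left=A1&right=B2 HTTP/1.1" 200 512
10.0.0.9 - bob [12/Mar/2025:10:02:10 +0000] "POST /app/Compare?title=%3Cscript%3Ealert('test')%3C/script%3E HTTP/1.1" 200 87
10.0.0.9 - bob [12/Mar/2025:10:02:40 +0000] "GET /app/compare?ref=JaVaScRiPt%253Aalert(1) HTTP/1.1" 200 90
10.0.0.7 - carol [12/Mar/2025:10:03:00 +0000] "GET /app/search?q=%3Cscript%3E HTTP/1.1" 200 40
"""

REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[[^\]]+\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*"'
)
# Same two indicators as the SIEM query, matched case-insensitively.
INDICATOR_RE = re.compile(r"<\s*script\b|javascript\s*:", re.IGNORECASE)


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded input is also normalised."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_compare_xss(log_text):
    """Return (ip, user, decoded_uri) for suspicious requests to Compare URIs."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        path, _, query = m.group("uri").partition("?")
        if "compare" not in path.lower():
            continue  # only Compare endpoints are in scope for this check
        decoded = fully_decode(query)
        if INDICATOR_RE.search(decoded):
            hits.append((m.group("ip"), m.group("user"), path + "?" + decoded))
    return hits


if __name__ == "__main__":
    for ip, user, uri in find_compare_xss(SAMPLE_LOG):
        print(f"ALERT {ip} {user} {uri}")
```

Access logs record only the request line, so content submitted in a POST body is not visible to this check; covering that requires application or WAF logs that capture the body.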