CVE-2025-10557

8.7 HIGH

📋 TL;DR

A stored Cross-site Scripting (XSS) vulnerability in ENOVIA Collaborative Industry Innovator allows attackers to inject malicious scripts into issue management pages. These scripts execute in victims' browsers when they view the compromised content, potentially stealing session cookies or performing unauthorized actions. Users of 3DEXPERIENCE R2022x through R2025x are affected.

💻 Affected Systems

Products:
  • ENOVIA Collaborative Industry Innovator
Versions: 3DEXPERIENCE R2022x through R2025x
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated user access to issue management functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain full system access, compromise sensitive intellectual property, and pivot to internal networks.

🟠 Likely Case

Attackers steal user session cookies to impersonate legitimate users, modify issue data, or redirect users to phishing sites.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized before reaching user browsers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access but uses common XSS techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patch versions

Vendor Advisory: https://www.3ds.com/trust-center/security/security-advisories/cve-2025-10557

Restart Required: Yes

Instructions:

1. Review vendor advisory for specific patch versions
2. Apply vendor-provided patches
3. Restart affected services
4. Verify fix implementation

🔧 Temporary Workarounds

Input Validation Enhancement (applies to: all)

Implement strict input validation on issue management fields to reject script tags and malicious content.

Content Security Policy (applies to: all)

Deploy Content Security Policy headers to restrict script execution sources.

🧯 If You Can't Patch

  • Restrict user permissions to minimize who can create or modify issue content
  • Implement web application firewall rules to block XSS payloads

🔍 How to Verify

Check if Vulnerable:

Test issue management fields with XSS payloads like <script>alert('XSS')</script> and check if scripts execute.

Check Version:

Check 3DEXPERIENCE version through administration console or vendor documentation.

Verify Fix Applied:

Retest with same XSS payloads after patching to confirm scripts are properly sanitized.

📡 Detection & Monitoring

Log Indicators:

  • Unusual script tags in issue content
  • Multiple failed XSS attempts
  • Suspicious user activity in issue management

Network Indicators:

  • Unexpected external script loads from issue pages
  • Suspicious outbound connections after viewing issues

SIEM Query:

source="web_logs" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=") AND uri="*issue*"
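As an added illustration that is not part of this advisory, the script below applies the SIEM query's indicators to constructed web-server log lines, adding the URL-decoding step that a raw substring match on an encoded request URI would miss and flagging users with repeated attempts. The log format, user names and issue paths are assumptions, not real ENOVIA routes.

```python
import re
from collections import Counter
from urllib.parse import unquote_plus

# Indicators from the SIEM query above ("<script" is widened to also catch <script src=...>).
XSS_INDICATORS = ("<script", "javascript:", "onerror=", "onload=")
# Combined-log-style request line (assumed format): '... "METHOD /path?query HTTP/1.1" ...'
REQUEST_RE = re.compile(r'^\S+ \S+ (?P<user>\S+) \[[^\]]+\] "[A-Z]+ (?P<uri>\S+) HTTP/[\d.]+"')

# Constructed sample lines; paths and users are hypothetical, not real ENOVIA data.
SAMPLE_LOGS = [
    '10.0.0.5 - alice [01/Oct/2025:10:00:01 +0000] "POST /enovia/issues/1234/edit HTTP/1.1" 200 512',
    '10.0.0.7 - bob [01/Oct/2025:10:00:05 +0000] "POST /enovia/issues/1234/edit?desc=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 512',
    '10.0.0.7 - bob [01/Oct/2025:10:00:09 +0000] "GET /enovia/issues/1234?title=%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 512',
    '10.0.0.9 - dave [01/Oct/2025:10:00:12 +0000] "GET /enovia/search?q=%3Cscript%3E HTTP/1.1" 200 80',
    '10.0.0.11 - erin [01/Oct/2025:10:00:15 +0000] "GET /enovia/issues/99?title=%253Cscript%253E HTTP/1.1" 200 80',
]

def normalize(uri, max_rounds=3):
    """URL-decode until the text stops changing (catches double encoding), then lower-case."""
    decoded = uri
    for _ in range(max_rounds):
        nxt = unquote_plus(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.lower()

def find_indicators(uri):
    """Return the XSS indicator strings present in the normalized URI."""
    text = normalize(uri)
    return [ind for ind in XSS_INDICATORS if ind in text]

def scan(lines):
    """One hit per line that targets an issue page (uri="*issue*") and carries an indicator."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m or "issue" not in m.group("uri").lower():
            continue
        found = find_indicators(m.group("uri"))
        if found:
            hits.append({"user": m.group("user"), "uri": m.group("uri"), "indicators": found})
    return hits

def repeat_offenders(hits, threshold=2):
    """Users with at least `threshold` flagged requests (the 'multiple attempts' indicator)."""
    counts = Counter(h["user"] for h in hits)
    return {user: n for user, n in counts.items() if n >= threshold}
```

Run against the sample lines, `scan` flags bob twice and erin once (the double-encoded request), skips dave's search request because it is not an issue page, and `repeat_offenders` reports bob.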
