CVE-2025-4983
📋 TL;DR
A stored Cross-site Scripting (XSS) vulnerability in City Referential Manager on 3DEXPERIENCE R2025x allows attackers to inject malicious scripts that execute in users' browsers when viewing affected content. This affects all users of City Referential Manager on the vulnerable release, potentially compromising their sessions and allowing unauthorized actions.
💻 Affected Systems
- City Referential Manager
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could steal administrator credentials, perform session hijacking, deface the application, or redirect users to malicious sites, potentially leading to complete system compromise.
Likely Case
Attackers would steal user session cookies, perform actions as authenticated users, or redirect users to phishing pages to harvest credentials.
If Mitigated
With proper input validation and output encoding, malicious scripts would be neutralized before reaching users' browsers, preventing execution.
🎯 Exploit Status
Stored XSS typically requires authentication to inject payloads, but once stored, affects all users viewing the malicious content.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patch version
Vendor Advisory: https://www.3ds.com/vulnerability/advisories
Restart Required: Yes
Instructions:
1. Review the vendor advisory at the provided URL.
2. Apply the recommended patch/update from Dassault Systèmes.
3. Restart the 3DEXPERIENCE services.
4. Verify the fix by testing XSS payloads.
🔧 Temporary Workarounds
Implement Content Security Policy (CSP)
All platforms: Add CSP headers to restrict script execution sources and prevent inline script execution
Add 'Content-Security-Policy' header to web server configuration
Input Validation Filtering
All platforms: Implement server-side input validation to sanitize user inputs before storage
Implement input sanitization in City Referential Manager code
🧯 If You Can't Patch
- Implement Web Application Firewall (WAF) with XSS protection rules
- Disable City Referential Manager component if not essential
🔍 How to Verify
Check if Vulnerable:
Test by attempting to inject XSS payloads into City Referential Manager input fields and checking if they execute when viewed
Check Version:
Check 3DEXPERIENCE version through administration console or system information
Verify Fix Applied:
Attempt the same XSS payloads after patching - they should be properly encoded and not execute
📡 Detection & Monitoring
Log Indicators:
- Unusually long input strings in City Referential Manager logs
- Script tags or JavaScript patterns in user input fields
Network Indicators:
- HTTP requests containing script tags or JavaScript code to City Referential endpoints
SIEM Query:
source="*3dexperience*" AND ("<script>" OR "javascript:" OR "onerror=" OR "onload=")
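The log indicators and SIEM patterns above as a runnable check; this is an added example, not part of the original page or any vendor tooling. It decodes nested URL and HTML-entity encoding before matching, which a literal string match on `<script>` misses. The log format, the `/cityreferential/` path and the length threshold are assumptions, and the sample lines are constructed.

```python
import html
import re
from urllib.parse import unquote_plus

# Patterns from the SIEM query above, loosened to tolerate whitespace and case.
XSS_PATTERNS = {
    "script_tag": re.compile(r"<\s*script\b", re.I),
    "javascript_uri": re.compile(r"javascript\s*:", re.I),
    "event_handler": re.compile(r"\bon(?:error|load)\s*=", re.I),
}
MAX_FIELD_LEN = 2048  # assumed threshold for "unusually long" input

def normalize(value, max_rounds=3):
    """Undo nested URL and HTML-entity encoding so encoded markup still matches."""
    for _ in range(max_rounds):
        decoded = html.unescape(unquote_plus(value))
        if decoded == value:
            break
        value = decoded
    return value

def scan_line(line):
    """Return the sorted list of indicator names found in one log line."""
    text = normalize(line)
    hits = [name for name, rx in XSS_PATTERNS.items() if rx.search(text)]
    if len(line) > MAX_FIELD_LEN:
        hits.append("long_input")
    return sorted(hits)

def scan_log(lines, path_filter="/cityreferential/"):  # hypothetical endpoint path
    """Yield (line_number, indicators) for suspicious requests to the filtered path."""
    for n, line in enumerate(lines, 1):
        if path_filter in line.lower():
            hits = scan_line(line)
            if hits:
                yield n, hits

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = [
    '10.0.0.5 "POST /cityreferential/item?name=Main+Street HTTP/1.1" 200',
    '10.0.0.7 "POST /cityreferential/item?name=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200',
    '10.0.0.7 "POST /cityreferential/item?name=%253Cimg%2520src%253Dx%2520onerror%253D1%253E HTTP/1.1" 200',
    '10.0.0.9 "GET /other/app?q=%3Cscript%3E HTTP/1.1" 200',
]

if __name__ == "__main__":
    for lineno, indicators in scan_log(SAMPLE_LOG):
        print(lineno, indicators)
```

Matches are triage leads rather than proof of exploitation: legitimate field values can contain strings such as `onload=`, so review flagged entries against what was actually stored and rendered.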