CVE-2025-4985

8.7 HIGH

📋 TL;DR

A stored Cross-site Scripting (XSS) vulnerability in Dassault Systèmes 3DEXPERIENCE Project Portfolio Manager allows attackers to inject malicious scripts that execute in users' browsers. This affects all users of 3DEXPERIENCE releases R2022x through R2025x. Attackers could steal session cookies, redirect users, or perform actions on their behalf.

💻 Affected Systems

Products:
  • 3DEXPERIENCE Project Portfolio Manager
Versions: Release R2022x through Release R2025x
Operating Systems: All platforms running 3DEXPERIENCE
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Risk Management module specifically. All deployments within the version range are vulnerable unless patched.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete account takeover, data theft, privilege escalation, and lateral movement within the application.

🟠 Likely Case

Session hijacking, credential theft, and unauthorized actions performed as authenticated users.

🟢 If Mitigated

Limited impact with proper input validation, output encoding, and Content Security Policy (CSP) headers.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires authenticated access to inject malicious scripts. Because the XSS is stored, the payload persists and affects multiple users.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patch versions

Vendor Advisory: https://www.3ds.com/vulnerability/advisories

Restart Required: Yes

Instructions:

  1. Review Dassault Systèmes security advisory.
  2. Apply the recommended patch/update.
  3. Restart 3DEXPERIENCE services.
  4. Test functionality after patching.

🔧 Temporary Workarounds

Implement Content Security Policy

Platforms: all

Add CSP headers to restrict script execution sources

Input Validation Filtering

Platforms: all

Implement server-side validation for all user inputs in Risk Management module

🧯 If You Can't Patch

  • Restrict user permissions to minimize attack surface
  • Implement web application firewall (WAF) with XSS protection rules

🔍 How to Verify

Check if Vulnerable:

Check 3DEXPERIENCE version against affected range R2022x-R2025x

Check Version:

Check 3DEXPERIENCE administration console or contact Dassault support

Verify Fix Applied:

Verify patch installation and test that XSS payloads no longer execute

📡 Detection & Monitoring

Log Indicators:

  • Unusual script tags in user inputs
  • Multiple failed XSS attempts

Network Indicators:

  • Suspicious JavaScript payloads in HTTP requests

SIEM Query:

source="3dexperience" AND (http_request CONTAINS "<script>" OR http_request CONTAINS "javascript:")
