CVE-2025-4985

Publication date

2025-05-30 14:19:28

Family

3DS

State

PUBLISHED

Description

A stored Cross-site Scripting (XSS) vulnerability affecting Risk Management in Project Portfolio Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in users browser session.