CVE-2025-4989 – “Product Manager 3DEXPERIENCE Stored XSS”

CVE ID : CVE-2025-4989

Published : May 30, 2025, 3:15 p.m. | 44 minutes ago

Description : A stored Cross-site Scripting (XSS) vulnerability affecting Requirements in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user’s browser session.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…