DELMIA Service Process Engineer

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-9024	Dassault Systèmes DELMIA Service Process Engineer	Hig	0.57	8.7	Jun 1, 2026	A Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x could allow an attacker to execute arbitrary script code in user's browser session.
CVE-2025-10555	Dassault Systèmes DELMIA Service Process Engineer	Hig	0.57	8.7	Nov 24, 2025	A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2025-4992	Dassault Systèmes DELMIA Service Process Engineer	Hig	0.57	8.7	May 30, 2025	A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

CVE-2026-9024HigJun 1, 2026
Dassault Systèmes
DELMIA Service Process Engineer
risk 0.57cvss 8.7epss 0.00
A Stored Cross-site Scripting (XSS) vulnerability affecting Process Experience Studio in DELMIA Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2026x could allow an attacker to execute arbitrary script code in user's browser session.
CVE-2025-10555HigNov 24, 2025
Dassault Systèmes
DELMIA Service Process Engineer
risk 0.57cvss 8.7epss 0.00
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
CVE-2025-4992HigMay 30, 2025
Dassault Systèmes
DELMIA Service Process Engineer
risk 0.57cvss 8.7epss 0.00
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in Service Process Engineer from Release 3DEXPERIENCE R2024x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.