CVE-2025-4990 – “3DEXPERIENCE Product Manager Stored XSS”

May 30, 2025

CVE ID : CVE-2025-4990

Published : May 30, 2025, 3:15 p.m. | 1 hour, 44 minutes ago

Description : A stored Cross-site Scripting (XSS) vulnerability affecting Change Governance in Product Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user’s browser session.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4988 – “3DEXPERIENCE Stored XSS”

Next Article CVE-2025-4989 – “Product Manager 3DEXPERIENCE Stored XSS”

Highlights

CVE-2025-7943 – A vulnerability was found in PHPGurukul Taxi Stand

July 21, 2025

CVE ID : CVE-2025-7943

Published : July 21, 2025, 11:15 p.m. | 1 hour, 25 minutes ago

Description : A vulnerability was found in PHPGurukul Taxi Stand Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /admin/search-autoortaxi.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

The state of DevOps and AI: Not just hype

A Breeze Of Inspiration In September (2025 Wallpapers Edition)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Look out, Meta Ray-Bans! These AI glasses just raised over $1M in pre-orders in 3 days

Samsung ‘Galaxy Glasses’ powered by Android XR are reportedly on track to be unveiled this month

The M4 iPad Pro is discounted $100 as a last-minute Labor Day deal

Distribution Release: Linux From Scratch 12.4

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

Enhanced Queue Job Control with Laravel’s ThrottlesExceptions failWhen() Method

August report 2025

Fake News Detection using Python Machine Learning (ML)

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Installing Proxmox on a Raspberry Pi to run Virtual Machines on it

Download Transcribe! for Windows

Microsoft Fixes CertificateServicesClient (CertEnroll) Error in Windows 11

CVE-2025-4990 – “3DEXPERIENCE Product Manager Stored XSS”

Hacker suspected of trying to cheat his way into university is arrested in Spain

ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics

CVE-2025-48937 – Matrix-Rust-SDK Malicious Homeserver Operator Event Forgery

This AI Breakthrough Could Put the Same Brain in Every Robot

Guix System – Linux distribution built around Guix

CVE-2025-49261 – ThemBay Diza PHP Remote File Inclusion Vulnerability

CVE-2025-7943 – A vulnerability was found in PHPGurukul Taxi Stand

Why SMS two-factor authentication codes aren’t safe and what to use instead

CVE-2025-5526 – BuddyPress Docs Information Disclosure Vulnerability

CVE-2022-50232 – Linux Kernel ARM64 UXN Set Vulnerability

CVE-2025-4990 – “3DEXPERIENCE Product Manager Stored XSS”

Related Posts