CVE-2025-4987 – “3DEXPERIENCE Project Portfolio Manager Stored XSS”

June 16, 2025

CVE ID : CVE-2025-4987

Published : June 16, 2025, 8:15 a.m. | 29 minutes ago

Description : A stored Cross-site Scripting (XSS) vulnerability affecting Opportunity Management in Project Portfolio Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user’s browser session.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6113 – Tenda FH1203 Buffer Overflow Vulnerability

Next Article CVE-2025-6169 – HAMASTAR Technology WIMP SQL Injection Vulnerability

Highlights

CVE-2025-4710 – Campcodes Sales and Inventory System SQL Injection Vulnerability

May 15, 2025

CVE ID : CVE-2025-4710

Published : May 15, 2025, 6:15 p.m. | 1 hour, 45 minutes ago

Description : A vulnerability, which was classified as critical, has been found in Campcodes Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /pages/transaction.php. The manipulation of the argument cid leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

How To Prevent WordPress SQL Injection Attacks

This week in AI dev tools: Apple’s Foundations Model framework, Mistral’s first reasoning model, and more (June 13, 2025)

Open Talent platforms emerging to match skilled workers to needs, study finds

Java never goes out of style: Celebrating 30 years of the language

DistroWatch Weekly, Issue 1126

It’s the year of Linux… at least for Denmark — here’s why the country’s government is dumping Windows and Office 365

Grounded 2’s best feature is happening because Obsidian left the Xbox One behind

6 registry tweaks every tech-savvy user must apply on Windows 11

Right Invoicing App for iPhone: InvoiceTemple

Right Invoicing App for iPhone: InvoiceTemple

Tunnel Run game in 170 lines of pure JS

Integrating Drupal with Salesforce SSO via SAML and Dynamic User Sync

Microsoft has a new tool to get you off Windows 10 and onto a Windows 11 PC

Microsoft has a new tool to get you off Windows 10 and onto a Windows 11 PC

DistroWatch Weekly, Issue 1126

Find ASCII Emoji Easily with this GNOME Shell Applet

CVE-2025-4987 – “3DEXPERIENCE Project Portfolio Manager Stored XSS”

IBM Backup Services Vulnerability Let Attackers Escalate Privileges

YouTube Expands 30-Second Non-Skippable Ads: Prepare for More Interruptions

CVE-2025-5165 – Assimp Out-of-Bounds Read Vulnerability

What’s the Real Cost of Building an AI Solution in 2025? A Comprehensive Guide💰

MyGrub-Editor – GRUB configuration tool for PCLinuxOS

shotgun is a minimal screenshot utility for X11

CVE-2025-4710 – Campcodes Sales and Inventory System SQL Injection Vulnerability

CVE-2025-5410 – Mist Community Edition Cross-Site Request Forgery (CSRF)

My favorite MagSafe wallet stand is the ideal iPhone companion, and it just got cheaper

CVE-2025-37834 – Linux Kernel: Dirty Swapcache Page Reclamation Vulnerability

CVE-2025-4987 – “3DEXPERIENCE Project Portfolio Manager Stored XSS”

Related Posts