CVE-2025-0829

Summary

CVE-2025-0829 is a stored Cross-site Scripting (XSS) vulnerability affecting ENOVIA Collaborative Industry Innovator, specifically the 3D Markup feature, from releases R2022x through R2024x. This flaw enables attackers to inject and execute arbitrary script code in a user's browser session, potentially leading to unauthorized data access or theft. The vulnerability can be exploited by injecting malicious data into the affected system, posing a significant risk to organizations using the affected software. Mitigation strategies include updating to the latest software release and implementing input validation techniques to prevent malicious data from being processed.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.