https://feed.craftedsignal.io/tags/cve-2025-10551/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 31 Mar 2026 09:16:21 +0000https://feed.craftedsignal.io/briefs/2026-03-enovia-xss/Tue, 31 Mar 2026 09:16:21 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2026-03-enovia-xss/A stored cross-site scripting (XSS) vulnerability in ENOVIA Collaborative Industry Innovator allows an attacker to execute arbitrary script code in a user's browser session by injecting malicious code into document management functions.<p>CVE-2025-10551 is a stored XSS vulnerability affecting the Document Management feature within ENOVIA Collaborative Industry Innovator. This vulnerability exists in versions from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x. A successful exploit allows an attacker to inject malicious JavaScript code into the application, which is then executed within the browser of any user who interacts with the compromised data. This poses a significant risk to data confidentiality and…</p> highadvisoryxsscve-2025-10551enovia