CVE-2025-10553
Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x
CVSS Score
8.7
EPSS Score
0.0%
EPSS Percentile
9th
A Stored Cross-site Scripting (XSS) vulnerability affecting Factory Resource Management in DELMIA Factory Resource Manager from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.
| CWE | CWE-79 |
| Vendor | dassault systèmes |
| Product | delmia factory resource manager |
| Published | Mar 31, 2026 |
| Last Updated | Mar 31, 2026 |
Stay Ahead of the Next One
Get instant alerts for dassault systèmes delmia factory resource manager
Be the first to know when new high vulnerabilities affecting dassault systèmes delmia factory resource manager are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None
Affected Versions
Dassault Systèmes / DELMIA Factory Resource Manager
Release 3DEXPERIENCE R2023x Golden ≤ Release 3DEXPERIENCE R2023x.FP.CFA.2541 Release 3DEXPERIENCE R2024x Golden ≤ Release 3DEXPERIENCE R2024x.FP.CFA.2537 Release 3DEXPERIENCE R2025x Golden ≤ Release 3DEXPERIENCE R2025x.FP.CFA.2514