CVE-2023-1287

Summary

An XSL template vulnerability in ENOVIA Live Collaboration V6R2013xE allows Remote Code Execution.

Affected Software

VendorProductVersion RangeStatus
Dassault SystèmesENOVIA Live CollaborationV6R2013xE Golden <= V6R2013xE FP.CFA.2228affected

Weaknesses

  • CWE-74: CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References