A high-severity vulnerability has been identified in the ENOVIA Collaborative Industry Innovator platform, allowing for a stored cross-site scripting (XSS) attack. An attacker can inject malicious code into the Issue Management system, which will execute in the browser of any user who views the compromised issue. This could lead to account takeover, data theft, and the compromise of sensitive corporate information.

This is a stored Cross-site Scripting (XSS) vulnerability within the Issue Management feature of ENOVIA Collaborative Industry Innovator. The application fails to properly sanitize user-supplied input when creating or editing an issue. An authenticated attacker can inject malicious client-side script (e.g., JavaScript) into a data field, which is then stored on the server. When another user views the malicious issue, the script is served and executed by their web browser in the context of their session, granting the attacker the same permissions as the victim user.

This vulnerability is rated as High severity with a CVSS score of 8.7. Successful exploitation poses a significant risk to the organization's data confidentiality, integrity, and user security. Potential consequences include session hijacking to impersonate legitimate users, theft of sensitive data accessible to the victim, credential harvesting through spoofed login forms, and redirection to malicious websites for malware delivery. If an administrative account is compromised, the attacker could gain broader control over the platform, escalating the potential for damage.

Immediate Action: Apply the security updates provided by the vendor across all affected systems immediately. Prioritize patching for internet-facing instances or those accessible to a large number of users. After patching, monitor for any signs of post-remediation exploitation attempts and review access logs for suspicious activity preceding the patch deployment.

Proactive Monitoring: Security teams should actively monitor application and web server logs for evidence of XSS payloads, such as the presence of <script>, <iframe>, onerror, or other HTML event handler tags within the Issue Management data fields. Monitor network traffic for unusual outbound connections from client machines to unknown domains, which could indicate data exfiltration.

Compensating Controls: If immediate patching is not feasible, implement a Web Application Firewall (WAF) with rulesets designed to detect and block common XSS attack patterns. Additionally, consider implementing a strict Content Security Policy (CSP) to restrict the sources from which scripts can be executed, thereby limiting the impact of a potential injection.

Public Exploit Available: false

Given the high CVSS score of 8.7 and the risk of account compromise and data theft, it is strongly recommended that the organization treats this vulnerability as a critical priority. The remediation plan should be executed immediately. Although there is no known active exploitation, the nature of stored XSS means any compromised data will persist until discovered and remediated. Organizations should apply the vendor patch without delay and implement the recommended monitoring controls to detect any potential compromise.