# CVE-2023-25581

pac4j vulnerability  affecting Iterop from Release 2023 through Release 2025

**Published**
2024-11-26

**Updated**
-

**Description**
A vulnerability in pac4j component  is affecting Iterop from Release 2023 through Release 2025. A specially crafted HTTP request can lead to arbitrary command execution.

**Affected Products**
Iterop

**Affected Versions**
From Release 2023 through Release 2025

**Severity**
Critical

Go to Dassault Systèmes Security Advisories

[Security Advisories](/trust-center/security/security-advisories)

[   Go to CVE record  ](https://www.cve.org/CVERecord?id=CVE-2023-25581)

[   Access remediation information     ](https://support.3ds.com/knowledge-base/?q=docid%3AQA00000376282)