# CVE-2025-10555

Stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x

**Published**
2025-11-24

**Updated**
-

**Description**
A stored Cross-site Scripting (XSS) vulnerability affecting Service Items Management in DELMIA Service Process Engineer on Release 3DEXPERIENCE R2025x allows an attacker to execute arbitrary script code in user's browser session.

**Affected Products**
DELMIA Service Process Engineer

**Affected Versions**
On Release 3DEXPERIENCE R2025x

**Severity**
High

Go to Dassault Systèmes Security Advisories

[Security Advisories](/trust-center/security/security-advisories)

[   Go to CVE record     ](https://www.cve.org/CVERecord?id=CVE-2025-10555)

[   Access remediation information  ](https://support.3ds.com/knowledge-base/?q=docid%3AQA00000430174)