CVE-2025-25905 | THREATINT

Description

Cross-Site Scripting (XSS) vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter.

PUBLISHED Reserved 2025-02-07 | Published 2025-06-25 | Updated 2025-06-25 | Assigner mitre

References

support.cadclick.com

4pace.com/en/products/cadclick

medium.com/@mdjab3r/cve-2025-25905-ffff82c635f2

cve.org (CVE-2025-25905)

nvd.nist.gov (CVE-2025-25905)

Download JSON