CNNVD-202506-3171 Information

CNNVD ID

CNNVD-202506-3171

Related CVE

CVE-2025-25905

• CNNVD Published: 2025-06-25

Description (Chinese)

CADClick是CADClick公司的一种软件解决方案。可为各个客户的 CAD 目录创建 2D/3D CAD 数据的交互式目录。 CADClick 1.13.0及之前版本存在跨站脚本漏洞，该漏洞源于对参数tree的错误操作导致跨站脚本攻击。

Description (English)

CADClick is a software solution for CADClick. An interactive directory of 2D/3D CAD data can be created for the CAD directory of each client. CADCick 1.1.3.0 and previous versions have a cross-site script loophole, which results from a wrong operation on the parameter tree leading to a cross-site script attack.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

CADClick

Published

2025-06-25

Last Modified

2026-02-24

References

https://medium.com/@mdjab3r/cve-2025-25905-ffff82c635f2 https://support.cadclick.com https://4pace.com/en/products/cadclick https://access.redhat.com/security/cve/cve-2025-25905 https://nvd.nist.gov/vuln/detail/CVE-2025-25905