High severity7.1NVD Advisory· Published Jun 25, 2025· Updated Jun 17, 2026
CVE-2025-25905
CVE-2025-25905
Description
Cross-Site Scripting (XSS) vulnerability in CADClick v1.13.0 and before allows remote attackers to inject arbitrary web script or HTML via the "tree" parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- medium.com/@mdjab3r/cve-2025-25905-ffff82c635f2nvdExploitThird Party Advisory
- 4pace.com/en/products/cadclicknvdProduct
- support.cadclick.comnvdProduct
News mentions
0No linked articles in our index yet.