PT-2025-36224 · Netcad · Netgis Server
Ferhat Uçar
·
Published
2025-09-05
·
Updated
2025-09-05
·
CVE-2025-8695
CVSS v3.1
5.4
| Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L |
XSS
Weakness Enumeration
Related Identifiers
Affected Products
Netgis Server
Ferhat Uçar
·
Published
2025-09-05
·
Updated
2025-09-05
·
CVE-2025-8695
5.4
Medium
| Base vector | Vector | AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L |
Name of the Vulnerable Software and Affected Versions:
Netcad NetGIS Server versions 5.2.4 through 22.08.2025
Description:
Netcad NetGIS Server is susceptible to a Reflected Cross-Site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows for the injection of malicious scripts into web pages.
Recommendations:
Netcad NetGIS Server versions 5.2.4 through 22.08.2025: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS