πŸ” CVE Alert

CVE-2025-8695

MEDIUM 5.4

Reflected XSS in Netcad Software's NetGIS Server

CVSS Score
5.4
EPSS Score
0.0%
EPSS Percentile
16th

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Netcad NetGIS Server allows Reflected XSS. This issue affects NetGIS Server: from 5.2.4 through 22.08.2025.

CWE CWE-79
Vendor netcad
Product netgis server
Published Sep 5, 2025
Last Updated Jun 5, 2026
Stay Ahead of the Next One

Get instant alerts for netcad netgis server

Be the first to know when new medium vulnerabilities affecting netcad netgis server are published β€” delivered to Slack, Telegram or Discord.

Get Free Alerts β†’ Free Β· No credit card Β· 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
Low

Affected Versions

Netcad / NetGIS Server
5.2.4 ≀ 22.08.2025

References

NVD β†— CVE.org β†— EPSS Data β†—
usom.gov.tr: https://www.usom.gov.tr/bildirim/tr-25-0209 siberguvenlik.gov.tr: https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0209

Credits

Ferhat UÇAR