


Perceptive Security
SOC/SIEM Consultancy

WeGIA is a Web Manager for Charitable Institutions. Prior to 3.6.2, a Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the WeGIA system, spe…
Published:
15 January 2026 at 23:00:00
Alert date:
16 January 2026 at 21:01:29
Source:
nvd.nist.gov
Web Technologies
A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in WeGIA, a Web Manager for Charitable Institutions, prior to version 3.6.2. The vulnerability exists in the html/memorando/insere_despacho.php file where the application fails to properly sanitize user-supplied input via the id_memorando GET parameter. This allows unauthenticated attackers to inject arbitrary JavaScript or HTML into the user's browser session context. The vulnerability occurs when user input is reflected into the HTML source, likely within a script block or attribute. The issue has been fixed in version 3.6.2 of WeGIA.
Technical details
Affected products:
WeGIA
Related links:
https://nvd.nist.gov/vuln/detail/CVE-2026-23722
https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-g7hh-6qj7-mcqf
This article was created with the assistance of AI technology by Perceptive.
