CVE-2025-22596
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter.
This vulnerability is fixed in 3.2.8.
MEDIUM · CVSS 6.5
EPSS 0.00899
Schedule remediation
- Public exploit or PoC is available
- SSVC automatable: yes - attacks can be scripted at scale
Sigma rules0
YARA rules0