CVE-2025-22600
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter.
This vulnerability is fixed in 3.2.8.
MEDIUM · CVSS 6.5
EPSS 0.00724
Schedule remediation
- Public exploit or PoC is available
- SSVC automatable: yes - attacks can be scripted at scale
Sigma rules0
YARA rules0