CVE-2025-62179

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...

EUVD-2025-34109

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentelistar.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to...

PT-2025-41819

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a web management application designed for institutions, particularly those using the Portuguese language. A Reflected Cross-Site Scripting XSS issue exists in the log parameter of the...

CVE-2025-58054

Discourse is an open-source community discussion platform. Versions 3.5.0 and below are vulnerable to XSS attacks through parsing and rendering of chat channel titles and chat thread titles via the quote message functionality when using the rich text editor. This issue is fixed in version 3.5.1...