CVE-2026-33135
WeGIA is a web manager for charitable institutions. Affected versions: 3.6.6 and earlier. The issue is a Reflected Cross‑Site Scripting (XSS) in the endpoint /html/memorando/novo_memorandoo.php, where the GET parameter sccs is echoed into the HTML response without sanitization when msg equals 'su...