CVE-2026-40283
CVE-2026-40283 (WeGIA) describes a stored XSS in the WeGIA web manager for charitable institutions. In versions prior to 3.6.10, an authenticated user can inject JavaScript via the Nome field on the Informações Pacientes page; the payload is stored and executed when the patient information is vie...