CVE-2025-53525

The CVE-2025-53525 entry concerns WeGIA, a web manager for charitable organizations. A concrete vulnerability exists in the profile_familiar.php endpoint where the id_dependente parameter enables reflected Cross-Site Scripting (XSS). The root cause is insufficient filtering/escaping of user-suppl...

CVE-2025-53377

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cadastro_dependente_pessoa_nova.php endpoint, where attacker-supplied data in the id_funcionario parameter can inject scripts. The issue is caused by insufficient input h...