2 matches found
CVE-2025-57765 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_adotante.php' parameter 'msg_e'
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting XSS vulnerability was identified in the precadastroadotante.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msge parameter. This...
CVE-2025-53933 WeGIA vulnerable to Stored Cross-Site Scripting via endpoint 'adicionar_enfermidade.php' parameter 'nome'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarenfermidade.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...