CVE-2025-53930: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LabRedesCefetRJ WeGIA

Medium
Tags: Vulnerability, CVE-2025-53930, CWE-79
Published: Wed Jul 16 2025 (07/16/2025, 15:49:59 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_especie.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `especie` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue.

AI-Powered Analysis

Last updated: 07/24/2025, 00:58:17 UTC

Technical Analysis

CVE-2025-53930 is a stored Cross-Site Scripting (XSS) vulnerability in WeGIA, an open-source web management application developed by LabRedesCefetRJ for Portuguese-speaking charitable institutions. The flaw lies in the 'adicionar_especie.php' endpoint, specifically in its handling of the 'especie' parameter. Before version 3.4.5 the value of this parameter is neither validated nor encoded for the HTML context in which it is later rendered, so an attacker can submit a value containing JavaScript that the application persists server-side. Each time a user opens a page that displays the stored value, the script runs in that user's browser under the application's origin, which can lead to session hijacking, credential theft, actions performed on the victim's behalf, or delivery of further malicious content.

The weakness is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation). The CVSS 4.0 base score is 6.4 (medium): network attack vector, low attack complexity, no privileges or authentication required, and user interaction required, since a victim must view the affected page. The assessment records moderate confidentiality and integrity impact on the vulnerable system together with a high impact rating beyond the vulnerable component itself (CVSS 4.0 expresses this through its subsequent-system metrics, which replaced the v3 scope change). No exploitation in the wild has been reported, but stored XSS is persistent: a single injected record keeps firing against every user who views it until it is removed. Version 3.4.5 fixes the issue by neutralizing the 'especie' value; the advisory does not state whether this is done by input sanitization, output encoding, or both.
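To make the mechanism concrete, here is an added Python model of the pattern the analysis describes. It is not WeGIA's code: the endpoint and parameter names come from the advisory, while the in-memory store, the two render functions and the payloads are constructed for illustration. In PHP the equivalent of the hardened render is `htmlspecialchars($especie, ENT_QUOTES | ENT_HTML5, 'UTF-8')` applied at the point where the value is written into the page.

```python
import html

# Constructed in-memory stand-in for the application's especie table (not WeGIA's schema).
ESPECIES: list[str] = []


def adicionar_especie(especie: str) -> None:
    """Model of the vulnerable endpoint: the submitted value is persisted as-is.
    Storing raw text is acceptable on its own; the defect is rendering it unencoded."""
    ESPECIES.append(especie)


def render_vulnerable() -> str:
    """Pre-3.4.5 pattern: stored text concatenated straight into the HTML,
    both inside an attribute and in element text."""
    rows = "".join(f'<li data-especie="{e}">{e}</li>' for e in ESPECIES)
    return f"<ul>{rows}</ul>"


def render_fixed() -> str:
    """Contextual output encoding at the sink. html.escape(quote=True) encodes
    & < > " and ', so the value is inert in an attribute as well as in text."""
    rows = "".join(
        f'<li data-especie="{html.escape(e, quote=True)}">'
        f"{html.escape(e, quote=True)}</li>"
        for e in ESPECIES
    )
    return f"<ul>{rows}</ul>"


def contains_live_script(page: str) -> bool:
    """Crude oracle for the two payload shapes used below: an unencoded <script>
    tag, or an attribute breakout that introduces a real event-handler attribute."""
    return "<script>" in page or ' onmouseover="' in page


def simulate(payload: str) -> dict:
    """Store one attacker-controlled value and render it both ways."""
    ESPECIES.clear()
    adicionar_especie(payload)
    vulnerable_html = render_vulnerable()
    fixed_html = render_fixed()
    return {
        "vulnerable_fires": contains_live_script(vulnerable_html),
        "fixed_fires": contains_live_script(fixed_html),
        "fixed_html": fixed_html,
    }


def round_trips(value: str) -> bool:
    """Encoding must not corrupt legitimate data such as names with accents or '&'."""
    return html.unescape(html.escape(value, quote=True)) == value


if __name__ == "__main__":
    # Constructed payloads: a script tag and an attribute breakout.
    for p in ('<script>alert(document.cookie)</script>', '" onmouseover="alert(1)'):
        r = simulate(p)
        print(f"{p!r}: vulnerable fires={r['vulnerable_fires']} fixed fires={r['fixed_fires']}")
    print(render_fixed())
```

The attribute-breakout payload is the reason the encoding must cover quotes: escaping only `<` and `>` would stop the script tag but leave `" onmouseover="alert(1)` able to close the attribute and add a handler.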

Potential Impact

For European organizations, especially charities and non-profits running WeGIA or similar localized web management tools, this vulnerability poses a tangible risk. Stored XSS can lead to account compromise, leakage of sensitive data, and loss of trust in the platform. An attacker who plants a payload can impersonate the users who view it, serve phishing content inside the trusted application, or use a compromised administrator session as a foothold for further attacks. Given WeGIA's Portuguese-language focus, organizations in Portugal and Portuguese-speaking communities elsewhere in Europe are the most likely to be affected. The direct impact is on confidentiality and integrity, since an injected script can exfiltrate data and alter what users see; availability is only indirectly at risk, for example from scripts that break or redirect the page. The medium score indicates a moderate but non-trivial risk, higher where the deployment holds sensitive user data or supports critical operations. Because no privileges or authentication are required to plant the payload, the barrier to exploitation is low for any instance not yet updated to the patched version.

Mitigation Recommendations

European organizations using WeGIA should upgrade to version 3.4.5 or later without delay. If an immediate upgrade is not feasible, deploy web application firewall (WAF) rules that inspect the 'especie' parameter of requests to 'adicionar_especie.php' for common XSS patterns (script tags, event-handler attributes, javascript: URIs), and treat this as a temporary compensating control, since such filters can be bypassed. The durable fix is contextual output encoding of all user-supplied data at the point it is written into HTML, with input validation as an additional layer. Deploy a Content Security Policy (CSP) that disallows inline script; it does not remove the vulnerability but limits what an injected payload can do. Because records injected before the upgrade remain in the database and the advisory does not say whether the fix acts on input or on output, audit the stored 'especie' values (and other user-editable fields) for script content after patching and clean any that are found. Educate users about the risks of clicking suspicious links or interacting with untrusted content within the application. Finally, monitor web server logs and user reports for requests to the vulnerable endpoint carrying script-like input, or for unusual behavior that could indicate exploitation.
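The log-monitoring and stored-data audit steps above can be scripted. The following is an added Python example, not a WeGIA tool: the endpoint and parameter names come from the advisory, the log lines and database rows are constructed samples, and the assumption that the parameter can arrive in a GET query string is exactly that, an assumption. Access logs never contain POST bodies, so the scanner reports POSTs to the endpoint separately and the stored-data audit is the check that matters for those.

```python
import re
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "adicionar_especie.php"   # matched by path suffix; the deployment prefix is unknown
PARAM = "especie"

# Indicators a species name has no reason to contain. Tune against local data
# before running at scale (e.g. "\bon[a-z]+\s*=" will flag "onion=").
XSS_PATTERNS = [
    re.compile(r"<\s*script\b", re.I),
    re.compile(r"<\s*(iframe|img|svg|object|embed|a)\b", re.I),
    re.compile(r"\bon[a-z]+\s*=", re.I),          # onerror=, onmouseover=, ...
    re.compile(r"javascript\s*:", re.I),
]

# Apache/nginx combined log format: ip ident user [ts] "METHOD target proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def looks_like_xss(value: str) -> bool:
    """True if an already URL-decoded value carries a script-like indicator."""
    return any(p.search(value) for p in XSS_PATTERNS)


def scan_access_log(lines):
    """Report requests to the endpoint whose especie value looks like XSS.
    A POST to the endpoint is reported as 'unlogged_body' because its
    parameters are not in the access log."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.endswith(ENDPOINT):
            continue
        base = {"ip": m["ip"], "ts": m["ts"]}
        if m["method"] == "POST":
            hits.append({**base, "kind": "unlogged_body", "value": ""})
            continue
        for value in parse_qs(url.query).get(PARAM, []):   # parse_qs URL-decodes
            if looks_like_xss(value):
                hits.append({**base, "kind": "payload", "value": value})
    return hits


def audit_stored(rows):
    """rows: (id, especie) pairs as read from the database. Returns ids to review."""
    return [row_id for row_id, especie in rows if looks_like_xss(especie)]


# Constructed sample log lines (RFC 5737 addresses), not real traffic.
LOG_LINES = [
    '198.51.100.4 - - [16/Jul/2025:09:58:01 +0000] "GET /index.php HTTP/1.1" 200 5120',
    '198.51.100.4 - - [16/Jul/2025:09:58:20 +0000] "GET /adicionar_especie.php?especie=C%C3%A3o HTTP/1.1" 200 812',
    '203.0.113.7 - - [16/Jul/2025:10:02:11 +0000] "GET /adicionar_especie.php?especie=%3Cscript%3Ealert(document.cookie)%3C%2Fscript%3E HTTP/1.1" 200 812',
    '203.0.113.7 - - [16/Jul/2025:10:02:15 +0000] "GET /adicionar_especie.php?especie=%22+onmouseover%3D%22alert(1) HTTP/1.1" 200 812',
    '203.0.113.7 - - [16/Jul/2025:10:03:40 +0000] "POST /adicionar_especie.php HTTP/1.1" 302 0',
]

# Constructed sample rows standing in for a dump of the especie table.
STORED_ROWS = [
    (1, "Cão"),
    (2, "Gato & Coelho"),
    (3, "<img src=x onerror=alert(1)>"),
    (4, "Papagaio"),
    (5, '<a href="javascript:alert(1)">ver</a>'),
]

if __name__ == "__main__":
    for hit in scan_access_log(LOG_LINES):
        print(hit)
    print("stored rows to review:", audit_stored(STORED_ROWS))
```

Run the audit against an export of the real table after upgrading; a clean log scan proves nothing about records that arrived via POST or before logging was enabled.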

Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-07-14T17:23:35.260Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 6877ccf3a83201eaacdc494c

Added to database: 7/16/2025, 4:01:55 PM

Last enriched: 7/24/2025, 12:58:17 AM

Last updated: 8/30/2025, 7:19:53 PM