
CVE-2025-53930: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LabRedesCefetRJ WeGIA

Medium
Tags: Vulnerability, CVE-2025-53930, CWE-79
Published: Wed Jul 16 2025 (07/16/2025, 15:49:59 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_especie.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `especie` parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. Version 3.4.5 fixes the issue.

AI-Powered Analysis

Last updated: 07/16/2025, 16:16:21 UTC

Technical Analysis

CVE-2025-53930 is a Stored Cross-Site Scripting (XSS) vulnerability identified in the WeGIA web management application developed by LabRedesCefetRJ. WeGIA is an open-source platform primarily targeting Portuguese-speaking charitable institutions. The vulnerability exists in the `adicionar_especie.php` endpoint, specifically in the handling of the `especie` parameter. Prior to version 3.4.5, this parameter is not properly neutralized before being embedded into web pages, allowing attackers to inject malicious JavaScript code. Because this is a stored XSS, the injected script is saved on the server and executed automatically whenever any user accesses the affected page. This can lead to session hijacking, credential theft, unauthorized actions on behalf of users, or the delivery of further malware. The vulnerability has a CVSS 4.0 base score of 6.4, indicating medium severity. The vector details show that the attack can be performed remotely over the network without authentication, with low attack complexity and no privileges required, but it does require user interaction (e.g., a user visiting the infected page). The impact on confidentiality and integrity is low, and the availability impact is none. The scope and security impact are rated high, indicating that the vulnerability affects components beyond the vulnerable code itself. The issue was addressed in WeGIA version 3.4.5, which properly sanitizes the `especie` parameter to prevent script injection. No known exploits are currently reported in the wild, but the vulnerability poses a significant risk to users of affected versions.

Potential Impact

For European organizations using WeGIA, especially those involved in charitable or non-profit sectors serving Portuguese-speaking communities, this vulnerability could lead to compromise of user accounts and unauthorized actions within the application. Attackers could exploit the stored XSS to steal session cookies, impersonate users, or inject malicious payloads that spread malware or conduct phishing attacks. This could damage organizational reputation, lead to data breaches involving personal or donor information, and disrupt operations. Since WeGIA is open source and targeted at niche institutions, the impact may be limited to organizations that have deployed this specific software. However, given the cross-site scripting nature, any user accessing the vulnerable pages is at risk, including administrators. The medium severity rating suggests that while the vulnerability is serious, it does not directly allow full system compromise or remote code execution. Nonetheless, the exploitation could be a stepping stone for further attacks or social engineering campaigns within European charitable organizations.

Mitigation Recommendations

Organizations should immediately verify their WeGIA version and upgrade to version 3.4.5 or later, where the vulnerability is patched. If immediate upgrade is not possible, implement input validation and output encoding on the `especie` parameter at the web server or application firewall level to block or sanitize malicious scripts. Employ Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. Conduct user awareness training to recognize suspicious links or behaviors resulting from XSS exploitation. Regularly audit and monitor web application logs for unusual input patterns or script injections. Additionally, restrict user privileges to minimize the impact of compromised accounts and enforce multi-factor authentication for administrative access to reduce risk from session hijacking.
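The output-encoding, input-validation and CSP recommendations above, shown as an added example in PHP (WeGIA is a PHP application). This is illustrative code written here, not WeGIA's own source; the function names, the sample values and the assumption that stored `especie` values are rendered into an HTML list are all assumptions.

```php
<?php
// Added example, not code from WeGIA. Assumes values submitted as the
// `especie` parameter are stored and later rendered inside an HTML list.

// Constructed sample of stored values, one of which carries markup.
$stored = ['Alimentos', '<script>alert(1)</script>', 'Roupas "de inverno"'];

// Pattern this CVE describes: stored text echoed into the page unencoded,
// so any markup in the value becomes live HTML/JavaScript for every visitor.
function render_unsafe(array $especies): string {
    $html = '<ul>';
    foreach ($especies as $e) {
        $html .= "<li>$e</li>";
    }
    return $html . '</ul>';
}

// Hardened form: encode at output time for the HTML text context.
// ENT_QUOTES also encodes quotes, ENT_SUBSTITUTE avoids dropping the
// whole string on invalid UTF-8.
function encode_html(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function render_safe(array $especies): string {
    $html = '<ul>';
    foreach ($especies as $e) {
        $html .= '<li>' . encode_html($e) . '</li>';
    }
    return $html . '</ul>';
}

// Input validation on the way in (defence in depth, not a substitute for
// output encoding): a species name is short plain text and has no reason
// to contain angle brackets. Returns null when the value should be rejected.
function validate_especie(string $raw): ?string {
    $value = trim($raw);
    if ($value === '' || mb_strlen($value, 'UTF-8') > 100) {
        return null;
    }
    if (preg_match('/[<>]/u', $value)) {
        return null;
    }
    return $value;
}

// CSP that refuses inline script, so a missed encoding spot cannot execute.
// Must be sent before any page output.
function send_csp(): void {
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'self'");
}

if (PHP_SAPI === 'cli') {
    echo render_safe($stored), PHP_EOL;
    var_dump(validate_especie('<script>alert(1)</script>')); // NULL
}
```

Running it from the command line prints the list with the script tag rendered as inert text (`&lt;script&gt;...`), which is the behaviour the 3.4.5 fix restores for this endpoint.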


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-07-14T17:23:35.260Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 6877ccf3a83201eaacdc494c

Added to database: 7/16/2025, 4:01:55 PM

Last enriched: 7/16/2025, 4:16:21 PM

Last updated: 7/16/2025, 8:32:55 PM
