Skip to main content
Radar
DashboardThreatsMapFeedsAPI
reconnecting

CVE-2025-57762: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LabRedesCefetRJ WeGIA

Medium
VulnerabilityCVE-2025-57762cvecve-2025-57762cwe-79
Published: Thu Aug 21 2025 (08/21/2025, 16:46:54 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.4.7.

Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-08-19T15:16:22.917Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68a75137ad5a09ad0012b6f7

Added to database: 8/21/2025, 5:02:47 PM

Last updated: 8/21/2025, 5:02:47 PM

Views: 1

Related Threats

CVE-2025-57763: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LabRedesCefetRJ WeGIA

Medium
VulnerabilityThu Aug 21 2025

CVE-2025-9310: Hard-coded Credentials in yeqifu carRental

Medium
VulnerabilityThu Aug 21 2025

CVE-2025-9309: Hard-coded Credentials in Tenda AC10

Low
VulnerabilityThu Aug 21 2025

CVE-2025-57761: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Critical
VulnerabilityThu Aug 21 2025

CVE-2025-43755: CWE-79: Cross-site Scripting in Liferay Portal

Medium
VulnerabilityThu Aug 21 2025

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats