CVE-2025-57762: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in LabRedesCefetRJ WeGIA
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.4.7.
AI Analysis
Technical Summary
CVE-2025-57762 is a stored cross-site scripting (XSS) vulnerability (CWE-79) in the WeGIA web management application developed by LabRedesCefetRJ, affecting versions prior to 3.4.7. The flaw is in the dependente_docdependente.php endpoint, which does not neutralise the value of the 'nome' parameter before writing it into a page. An attacker can therefore submit a value containing HTML or JavaScript; the application stores it, and the script runs in the browser of every user who later views the affected page, in the application's origin and with that user's session. Stored XSS is more dangerous than reflected XSS because no crafted link is needed: the payload fires on normal use of the application and can be used for session hijacking, credential theft, actions performed with the victim's privileges, defacement, or delivery of further malware. The CVSS 4.0 base score is 6.4 (medium). The vector as summarised here has the attack reachable over the network without privileges (AV:N/PR:N) and requiring user interaction (UI:A), meaning a user must open the page that renders the stored value; confidentiality and integrity of the vulnerable system are rated low. CVSS 4.0 has no Scope metric, so the "high scope" reading most likely refers to the separate subsequent-system impact metrics of the 4.0 vector, which this page does not reproduce in full. The vulnerability was published on August 21, 2025 (reserved August 19, 2025, assigner GitHub_M) and is fixed in WeGIA 3.4.7. No exploitation in the wild has been reported. Because WeGIA is used by charitable institutions to manage their operations and the people they work with, a successful attack can expose personal data or let the attacker act inside the application as a legitimate user.
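To make the defect class concrete, the following is an added illustration of the unencoded rendering pattern that produces a stored XSS in a PHP view, next to its output-encoded form and a Content-Security-Policy header as a second layer. It is not WeGIA's code and does not reproduce dependente_docdependente.php; the record layout, the function names and the marker payload are constructed for the example.

```php
<?php
// Added illustration, not WeGIA's code: the generic pattern behind a stored XSS
// in a PHP view and the output-encoding fix. Record layout and names are assumed.
declare(strict_types=1);

// Constructed sample record: a value an attacker could have saved through an
// unvalidated `nome` parameter. A harmless marker payload, not a real exploit.
const SAMPLE_RECORD = ['nome' => 'Maria <script>alert(document.domain)</script>'];

// Vulnerable pattern: the stored value is concatenated into HTML unchanged, so the
// browser parses the <script> element and runs it for every viewer of the page.
function renderVulnerable(array $row): string
{
    return '<td>' . $row['nome'] . '</td>';
}

// Hardened pattern: encode at the point of output for the HTML text context.
// ENT_QUOTES also neutralises ' and " so the same helper is safe inside quoted
// attribute values; the charset must match the page's declared encoding.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderHardened(array $row): string
{
    return '<td>' . e($row['nome']) . '</td>';
}

// Defence in depth: a CSP without 'unsafe-inline' blocks inline <script> and
// event-handler payloads even if one encoding call is missed. Call it before any
// output, and put the returned nonce on the application's own <script> tags.
function sendCsp(): string
{
    $nonce = base64_encode(random_bytes(16));
    header("Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-{$nonce}'; object-src 'none'; base-uri 'self'");
    return $nonce;
}

if (PHP_SAPI === 'cli') {
    echo "vulnerable: ", renderVulnerable(SAMPLE_RECORD), PHP_EOL;
    echo "hardened:   ", renderHardened(SAMPLE_RECORD), PHP_EOL;
    // The hardened output contains no raw tag, so there is nothing for the parser to execute.
    assert(!str_contains(renderHardened(SAMPLE_RECORD), '<script'));
}
```

Run it with `php example.php` (PHP 8 or later for `str_contains`) to see both renderings side by side. Encoding belongs at the output point for the specific context (HTML body, attribute, JavaScript, URL); a single input-side filter cannot be correct for all of them and does nothing for values that are already stored.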
Potential Impact
For European charitable and non-profit institutions running WeGIA, the main risk is to the personal data the application holds on donors, beneficiaries, dependents and staff. A stored payload runs for every user who opens the affected page, so an attacker can hijack sessions, act as the victim inside the application (view, alter or export records) or inject content that damages the organisation's reputation. The user interaction the CVSS vector requires is simply viewing the page; no phishing link is needed, although phishing or social engineering can be used to steer a specific staff member to it. The low per-system confidentiality and integrity ratings understate the practical effect when the victim is an administrator, because the injected script inherits that user's privileges. Under GDPR, personal data exposed through such an attack is a reportable breach, with the associated notification duties and potential penalties. No exploitation in the wild has been reported, which lowers the immediate risk but not the exposure: a stored XSS with a named endpoint and parameter is straightforward to reproduce once the advisory is public.
Mitigation Recommendations
Check the installed WeGIA version and upgrade to 3.4.7 or later. Upgrading alone does not remove payloads stored while the vulnerable version was in use, so after patching search the records behind dependente_docdependente.php for 'nome' values containing markup (angle brackets, javascript: URLs, on...= event handlers, HTML entities), clean or delete them, treat any hit as evidence of exploitation and invalidate active sessions. Where upgrading must wait, apply context-appropriate output encoding wherever 'nome' is rendered (htmlspecialchars with ENT_QUOTES and the page's charset for HTML body and attribute contexts) rather than relying on input filtering alone, which is easy to bypass and cannot protect data already stored. Send a Content-Security-Policy header that disallows inline scripts; it blocks the common payloads even if an encoding call is missed, but test it against the application first, since pages that depend on inline scripts will break. A WAF rule that flags requests to the affected endpoint carrying angle brackets or event-handler attributes in 'nome' is a stop-gap, not a fix. Review web server and application logs for such requests, bearing in mind that access logs record query strings but not POST bodies, so the stored data itself must be checked as well. Train users to report unexpected prompts or redirects inside the application, and make sure the incident response plan covers XSS-driven data exposure and the GDPR breach-notification timeline.
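The following added example, not part of WeGIA or the advisory, shows the two checks a defender can run after patching: a scan of web server access logs for requests to the affected script whose decoded 'nome' parameter looks like markup, and the same test applied to exported records, which is the only way to catch payloads that arrived in a POST body. The log lines, the URL path prefix, the record layout and the sample values are constructed for illustration; the combined log format is assumed.

```php
<?php
// Added example, not part of WeGIA: post-patch hunting for CVE-2025-57762 payloads.
// Assumes Apache/Nginx combined log format. Log lines, paths and rows are constructed.
declare(strict_types=1);

const AFFECTED_SCRIPT = 'dependente_docdependente.php';

// Constructed access-log lines (documentation IP ranges, not real traffic).
const SAMPLE_LOG = <<<'LOG'
203.0.113.7 - - [21/Aug/2025:10:01:12 +0000] "POST /dependente_docdependente.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [21/Aug/2025:10:02:40 +0000] "GET /dependente_docdependente.php?nome=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.4 - - [21/Aug/2025:10:03:05 +0000] "GET /dependente_docdependente.php?nome=Jo%C3%A3o HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
LOG;

// Indicators of markup in a decoded value. Deliberately broad: a person's name
// should never contain a tag, a javascript: URL, an event handler or an entity.
const PAYLOAD_PATTERN = '/<\s*\/?\s*[a-z!]|javascript\s*:|on[a-z]+\s*=|&#x?[0-9a-f]+;?/i';

function looksLikePayload(string $value): bool
{
    return preg_match(PAYLOAD_PATTERN, $value) === 1;
}

// Returns suspicious requests found in $log as [line, ip, nome] (nome URL-decoded).
function scanAccessLog(string $log): array
{
    $hits = [];
    foreach (explode("\n", trim($log)) as $i => $line) {
        if (!preg_match('/^(\S+) .*?"(?:GET|POST) (\S+) HTTP/', $line, $m)) {
            continue;                                   // not a request line we understand
        }
        [, $ip, $target] = $m;
        $url = parse_url($target);
        if (!isset($url['path']) || !str_ends_with($url['path'], AFFECTED_SCRIPT)) {
            continue;                                   // other endpoint
        }
        parse_str($url['query'] ?? '', $params);        // parse_str URL-decodes the values
        $nome = is_string($params['nome'] ?? null) ? $params['nome'] : '';
        if ($nome !== '' && looksLikePayload($nome)) {
            $hits[] = ['line' => $i + 1, 'ip' => $ip, 'nome' => $nome];
        }
    }
    return $hits;
}

// Access logs never contain POST bodies, so the stored data must be checked too.
// $rows stands in for an export of the table behind the endpoint; the real table
// and column names are not given in the advisory, so only 'nome' is assumed.
function scanStoredValues(array $rows): array
{
    return array_values(array_filter(
        $rows,
        fn(array $row): bool => looksLikePayload((string)($row['nome'] ?? ''))
    ));
}

if (PHP_SAPI === 'cli') {
    foreach (scanAccessLog(SAMPLE_LOG) as $hit) {
        printf("log line %d: %s sent nome=%s\n", $hit['line'], $hit['ip'], $hit['nome']);
    }
    $rows = [                                           // constructed export
        ['id' => 1, 'nome' => 'Ana Souza'],
        ['id' => 2, 'nome' => '<img src=x onerror=alert(1)>'],
    ];
    foreach (scanStoredValues($rows) as $row) {
        printf("stored record %d needs cleanup: %s\n", $row['id'], $row['nome']);
    }
}
```

Run it with `php hunt.php` (PHP 8 or later). With the constructed input only the second log line and the second record are reported; the POST on the first line carries no query string, which is exactly why the stored-data pass is needed. Any hit in real data should be handled as an incident: preserve the record, identify the submitting account and session, and invalidate sessions of users who viewed the page since the record was written.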
Affected Countries
Germany, France, United Kingdom, Netherlands, Belgium, Sweden, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-08-19T15:16:22.917Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68a75137ad5a09ad0012b6f7
Added to database: 8/21/2025, 5:02:47 PM
Last enriched: 8/21/2025, 5:17:57 PM
Last updated: 10/7/2025, 1:50:08 PM