CVE-2025-57765 is a Reflected Cross-Site Scripting (XSS) vulnerability identified in the WeGIA web management application developed by LabRedesCefetRJ, specifically affecting versions prior to 3.4.7. The vulnerability exists in the pre_cadastro_adotante.php endpoint, where the application improperly neutralizes user input passed through the 'msg_e' parameter. This improper input handling allows an attacker to inject malicious JavaScript code that is reflected back to the user without adequate sanitization or encoding. When a victim accesses a crafted URL containing the malicious script, the script executes in the victim's browser context, potentially leading to session hijacking, theft of sensitive information, or redirection to malicious sites. The CVSS v3.1 base score is 6.5, indicating a medium severity level. The vector string (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) shows that the attack can be launched remotely over the network without privileges and requires user interaction (clicking a malicious link). The impact is primarily on confidentiality, as the attacker can steal sensitive data accessible to the victim's browser session, but does not affect integrity or availability. The vulnerability has been fixed in version 3.4.7 of WeGIA. No known exploits are currently reported in the wild. This vulnerability falls under CWE-79, which covers improper neutralization of input during web page generation leading to XSS.

For European organizations using WeGIA to manage charitable institutions, this vulnerability poses a risk of client-side attacks that can compromise the confidentiality of users interacting with the platform. Attackers could craft malicious URLs that, when clicked by legitimate users such as donors, volunteers, or administrators, execute scripts that steal session cookies or other sensitive data. This could lead to unauthorized access to user accounts or personal information, damaging trust and potentially violating data protection regulations like GDPR. Although the vulnerability does not directly impact system integrity or availability, the reputational damage and potential regulatory penalties from data breaches could be significant. Given that WeGIA is a niche product for charitable organizations, the impact is more pronounced for entities relying heavily on this platform for donor management and communications. The requirement for user interaction limits automated exploitation but does not eliminate risk, especially if phishing campaigns target users to click malicious links.

Organizations should immediately upgrade WeGIA installations to version 3.4.7 or later, where the vulnerability is patched. Until the upgrade is applied, administrators should implement web application firewall (WAF) rules to detect and block suspicious requests containing script tags or unusual payloads in the 'msg_e' parameter. User education is critical: training users to recognize phishing attempts and avoid clicking untrusted links can reduce exploitation likelihood. Additionally, implementing Content Security Policy (CSP) headers can help mitigate the impact of XSS by restricting the execution of inline scripts and loading of external resources. Regular security assessments and code reviews should be conducted to identify and remediate similar input validation issues. Logging and monitoring for unusual access patterns or error messages related to the vulnerable endpoint can provide early detection of exploitation attempts.