CVE-2025-62358 is a reflected Cross-Site Scripting (XSS) vulnerability identified in the WeGIA web management system developed by LabRedesCefetRJ, primarily targeting Portuguese language institutions. The flaw exists in versions prior to 3.5.1 within the 'log' parameter of the configuracao_geral.php script, where user-supplied input is not properly sanitized or encoded before being reflected in the web page output. This improper neutralization of input (CWE-79) allows an attacker to craft a malicious URL containing JavaScript code that, when visited by a victim, executes in their browser context. The vulnerability does not require authentication (AV:N) and has low attack complexity (AC:L), but does require user interaction (UI:R), such as clicking a malicious link. The scope is unchanged (S:U), and the impact affects confidentiality and integrity to a limited extent (C:L, I:L), with no impact on availability (A:N). Potential consequences include theft of session cookies, redirection to malicious sites, or execution of arbitrary scripts leading to further attacks like phishing or malware delivery. Although no known exploits are reported in the wild, the vulnerability is publicly disclosed and fixed in version 3.5.1. Organizations using WeGIA should assess their exposure and apply the patch promptly. Additional security controls such as Content Security Policy (CSP) and input validation can reduce risk. Given WeGIA’s focus on Portuguese language users, the affected user base is likely concentrated in Lusophone countries, including parts of Europe.

For European organizations, especially those in Portugal or serving Portuguese-speaking communities, this vulnerability poses a tangible risk to web application security. Exploitation could lead to unauthorized disclosure of sensitive information, session hijacking, or manipulation of user interactions, potentially compromising user accounts or institutional data. Public sector institutions, educational organizations, and other entities relying on WeGIA for web management may face reputational damage and operational disruption if attackers exploit this flaw. While the vulnerability does not directly impact system availability, the indirect effects of compromised user credentials or injected malicious scripts could facilitate broader attacks. The medium severity rating reflects the moderate impact and ease of exploitation without authentication, emphasizing the need for timely remediation to prevent phishing campaigns or targeted attacks leveraging this XSS vector.

1. Upgrade all WeGIA installations to version 3.5.1 or later, where the vulnerability is patched. 2. Implement strict input validation and output encoding on all user-supplied data, especially parameters reflected in web pages, to prevent injection of malicious scripts. 3. Deploy Content Security Policy (CSP) headers to restrict the execution of unauthorized scripts in browsers. 4. Educate users about the risks of clicking on suspicious links and encourage cautious behavior to reduce the likelihood of successful phishing attempts. 5. Monitor web server logs for unusual requests targeting the 'log' parameter or other suspicious activity indicative of attempted exploitation. 6. Conduct regular security assessments and code reviews to identify and remediate similar input validation issues. 7. Consider employing web application firewalls (WAFs) with rules to detect and block XSS attack patterns targeting WeGIA endpoints.