CNNVD-202508-2588 Information

CNNVD ID

CNNVD-202508-2588

Related CVE

CVE-2025-57765

• CNNVD Published: 2025-08-21

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.7之前版本存在安全漏洞，该漏洞源于pre_cadastro_adotante.php端点中msg_e参数存在反射型跨站脚本，可能导致恶意脚本注入。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. The previous version of WeGIA 3.4.7 had a security loophole, which originated from the reflection of the msg e parameter in the pre cadastro adotante.php endpoint, which could lead to malicious script injection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-21

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-39r5-c63f-99mx https://github.com/LabRedesCefetRJ/WeGIA/commit/4e9a1c170a495eb8a8433052de19990d355cb098 https://nvd.nist.gov/vuln/detail/CVE-2025-57765

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases