CNNVD-202508-2589 Information

CNNVD ID

CNNVD-202508-2589

Related CVE

CVE-2025-57764

• CNNVD Published: 2025-08-21

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.7之前版本存在安全漏洞，该漏洞源于cargos.php端点中msg_e参数存在反射型跨站脚本，可能导致恶意脚本注入。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. There was a security loophole in the previous version of WeGIA 3.4.7 resulting from the reflection of the msg e parameter in the cargos.php endpoint, which could lead to malicious script injection.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-21

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-qx7f-q867-cgx2 https://github.com/LabRedesCefetRJ/WeGIA/commit/4e9a1c170a495eb8a8433052de19990d355cb098 https://nvd.nist.gov/vuln/detail/CVE-2025-57764

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases