CNNVD-202601-2748 Information

CNNVD ID

CNNVD-202601-2748

Related CVE

CVE-2026-23729

• CNNVD Published: 2026-01-16

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.6.2之前版本存在输入验证错误漏洞，该漏洞源于未验证或限制nextPage参数，可能导致重定向攻击。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. The previous version of WeGIA 3.6.2 had an input verification error loophole, which originated from the failure to verify or limit the textPage parameter and could lead to a redirectional attack.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

个人开发者

Published

2026-01-16

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/pull/1333 https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2 https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-w88p-v7h6-m728 https://access.redhat.com/security/cve/cve-2026-23729

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases