Описание
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a reflected cross-site scripting (XSS) vulnerability was identified in the /html/alterar_senha.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the verificacao and redir_config parameter. This issue has been patched in version 3.4.8.
Уязвимые конфигурации
Конфигурация 1Версия до 3.4.8 (исключая)
cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*
EPSS
Процентиль: 16%
0.00051
Низкий
6.5 Medium
CVSS3
7.4 High
CVSS3
Дефекты
CWE-79
EPSS
Процентиль: 16%
0.00051
Низкий
6.5 Medium
CVSS3
7.4 High
CVSS3
Дефекты
CWE-79