exploitDog

CVE-2025-58452

Опубликовано: 08 сент. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

WeGIA is a Web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_despachos.php endpoint of the WeGIA application prior to version 3.4.11. This vulnerability allows attackers to inject malicious scripts in the id_memorando parameter. Version 3.4.11 contains a patch.

Ссылки

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-hq9x-mfv2-x467
Exploit
Third Party Advisory
https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-hq9x-mfv2-x467
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*

Версия до 3.4.11 (исключая)

EPSS

Процентиль: 7%

0.00028

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

EPSS

Процентиль: 7%

0.00028

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79