exploitDog

CVE-2025-62359

Опубликовано: 13 окт. 2025

Источник: nvd

CVSS3: 6.1

EPSS Низкий

Описание

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the /pet/profile_pet.php?id_pet= endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_pet parameter. This vulnerability is fixed in 3.5.0.

Ссылки

https://github.com/LabRedesCefetRJ/WeGIA/commit/176733543c9b6762bef5ddec7c9c555f76fafa1d
Patch
https://github.com/LabRedesCefetRJ/WeGIA/issues/257
Issue Tracking
Mitigation
Vendor Advisory
https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-68mw-h9q4-j34f
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*

Версия от 3.4.11 (включая) до 3.5.0 (исключая)

EPSS

Процентиль: 13%

0.00044

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79

EPSS

Процентиль: 13%

0.00044

Низкий

6.1 Medium

CVSS3

Дефекты

CWE-79