exploitDog

CVE-2026-23722

Опубликовано: 16 янв. 2026

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

WeGIA is a Web Manager for Charitable Institutions. Prior to 3.6.2, a Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the WeGIA system, specifically within the html/memorando/insere_despacho.php file. The application fails to properly sanitize or encode user-supplied input via the id_memorando GET parameter before reflecting it into the HTML source (likely inside a

Ссылки

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-g7hh-6qj7-mcqf

EPSS

Процентиль: 25%

0.00083

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-79

EPSS

Процентиль: 25%

0.00083

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-79