Описание
WeGIA is a Web Manager for Charitable Institutions. Prior to 3.6.2, a Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the WeGIA system, specifically within the html/memorando/insere_despacho.php file. The application fails to properly sanitize or encode user-supplied input via the id_memorando GET parameter before reflecting it into the HTML source (likely inside a
Ссылки
- ExploitMitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.6.2 (исключая)
cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*
EPSS
Процентиль: 22%
0.00071
Низкий
9.1 Critical
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79
EPSS
Процентиль: 22%
0.00071
Низкий
9.1 Critical
CVSS3
6.1 Medium
CVSS3
Дефекты
CWE-79