Security Advisory

CVE-2026-23723

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published: 2026-01-16 19:27:26
Last updated: 2026-01-16 21:36:57
Assigner: GitHub_M
State: PUBLISHED

Description

WeGIA is a web manager for charitable institutions. In versions prior to 3.6.2, the Atendido_ocorrenciaControle endpoint is vulnerable to SQL injection via the id_memorando parameter; exploitation requires an authenticated session. The flaw allows full database exfiltration, exposure of sensitive PII, and potentially arbitrary file reads in misconfigured environments. The vulnerability is fixed in 3.6.2.