Security Advisory

CVE-2026-23724

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-16 19:37:06

Last updated 2026-01-16 21:33:07

Assigner GitHub_M

State PUBLISHED

Description

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the html/atendido/cadastro_ocorrencia.php endpoint of the WeGIA application. The application does not sanitize user-controlled data before rendering it inside the “Atendido” selection dropdown. This vulnerability is fixed in 3.6.2.

← Browse all CVEs View on cve.org ↗