CVE-2025-22600

Publication date

2025-01-10 15:30:15

Family

GitHub_M

State

PUBLISHED

Description

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This vulnerability is fixed in 3.2.8.