CVE-2025-53822 – WeGIA Reflected Cross-Site Scripting (XSS)

July 15, 2025

CVE ID : CVE-2025-53822

Published : July 14, 2025, 11:15 p.m. | 3 hours, 36 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `relatorio_geracao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `tipo_relatorio` parameter. Version 3.4.5 has a patch for the issue.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53825 – Dokploy Unauthenticated Code Execution and Secret Disclosure Vulnerability

Next Article CVE-2025-53834 – Caido Toast UI Component Reflected Cross-Site Scripting (XSS) Vulnerability

Highlights

CVE-2025-4937 – SourceCodester Apartment Visitor Management System SQL Injection Vulnerability

May 19, 2025

CVE ID : CVE-2025-4937

Published : May 19, 2025, 3:15 p.m. | 1 hour, 13 minutes ago

Description : A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /profile.php. The manipulation of the argument mobilenumber leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

UI automation: Why “try, try again”is your mantra

AI is returning to Taco Bell and McDonald’s drive-thrus – will customers bite this time?

I deciphered Apple’s iPhone 17 event invite – my 3 biggest theories for what’s expected

This Milwaukee 9-tool kit is $200 off for Labor Day – here’s what’s included

Massive TransUnion breach leaks personal data of 4.4 million customers – what to do now

Streamlining Application Automation with Laravel’s Task Scheduler

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Planning Sitecore Migration: Things to consider

From Novice to Pro: Mastering Lightweight Linux for Your Kubernetes Projects

From Novice to Pro: Mastering Lightweight Linux for Your Kubernetes Projects

Microsoft AI launches MAI-Voice-1 and previews MAI-1 foundation model

Clipchamp Tutorial: Cut and Split Videos Quickly

CVE-2025-53822 – WeGIA Reflected Cross-Site Scripting (XSS)

TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

Ransomware Attack Hits Nevada: DMV, Health Authority Among Agencies Affected

New Secure Boot flaw lets attackers install bootkit malware, patch now

CVE-2025-3462 – ASUS DriverHub HTTP Request Validation Bypass

DAT Linux is a distribution targeted at data science

Distribution Release: Liya 2.4

CVE-2025-4937 – SourceCodester Apartment Visitor Management System SQL Injection Vulnerability

Teller is a multi provider secret management tool

Elevate your UX research game with better questions

CVE-2025-46399 – Fig2Dev Genge Itp Spline Segmentation Fault

CVE-2025-53822 – WeGIA Reflected Cross-Site Scripting (XSS)

Related Posts