CVE-2025-53821 – WeGIA Open Redirect Vulnerability

July 15, 2025

CVE ID : CVE-2025-53821

Published : July 14, 2025, 11:15 p.m. | 3 hours, 36 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the `nextPage` parameter, leading to an uncontrolled redirection. Version 3.4.5 contains a fix for the issue.

Severity: 4.7 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53824 – WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-53820 – WeGIA Reflected Cross-Site Scripting (XSS)

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

This 3-in-1 charger has a retractable superpower that’s a must for travel

How a legacy hardware company reinvented itself in the AI age

The 13+ best Walmart Labor Day deals 2025: Sales on Apple, Samsung, LG, and more

You can save up to $700 on my favorite Bluetti power stations for Labor Day

Call for Speakers – JS Conf Armenia 2025

Call for Speakers – JS Conf Armenia 2025

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

My Family Cinema not Working? 12 Quick Fixes

Super-linter – collection of linters and code analyzers

CVE-2025-53821 – WeGIA Open Redirect Vulnerability

WhatsApp Issues Emergency Update for Zero-Click Exploit Targeting iOS and macOS Devices

Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling

Firefox Web App Support Available to Test (on Windows, At Least)

NHS Charter Urges Vendors to Improve Cybersecurity to Prevent Ransomware

Microsoft Gaming studios head Matt Booty says “overall portfolio strategy is unchanged” — with more than 40 games in production

CVE-2025-5964 – M-Files Server Path Traversal Vulnerability

H2O – optimized HTTP/1.x, HTTP/2, HTTP/3 server

How passkeys work: Let’s start the passkey registration process

Updo – website monitoring tool

TamperedChef Malware Disguised as Fake PDF Editors Steals Credentials and Cookies

CVE-2025-53821 – WeGIA Open Redirect Vulnerability

Related Posts