CVE-2025-54076 – WeGIA Reflected Cross-Site Scripting (XSS)

July 18, 2025

CVE ID : CVE-2025-54076

Published : July 18, 2025, 4:15 p.m. | 1 hour, 3 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the `pre_cadastro_atendido.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the `msg_e` parameter. Version 3.4.6 fixes the issue.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-54077 – WeGIA Reflected Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-54073 – Microsoft MCP Package Docs Command Injection Vulnerability

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Cloudsmith launches ML Model Registry to provide a single source of truth for AI models and datasets

Kong Acquires OpenMeter to Unlock AI and API Monetization for the Agentic Era

Microsoft Graph CLI to be retired

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

ASUS built a desktop gaming PC around a mobile CPU — it’s an interesting, if flawed, idea

Hollow Knight: Silksong arrives on Xbox Game Pass this week — and Xbox’s September 1–7 lineup also packs in the horror. Here’s every new game.

The Xbox remaster that brought Gears to PlayStation just passed a huge milestone — “ending the console war” and proving the series still has serious pulling power

Magento (Adobe Commerce) or Optimizely Configured Commerce: Which One to Choose

Magento (Adobe Commerce) or Optimizely Configured Commerce: Which One to Choose

Updates from N|Solid Runtime: The Best Open-Source Node.js RT Just Got Better

Scale Your Business with AI-Powered Solutions Built for Singapore’s Digital Economy

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

ASUS built a desktop gaming PC around a mobile CPU — it’s an interesting, if flawed, idea

Hollow Knight: Silksong arrives on Xbox Game Pass this week — and Xbox’s September 1–7 lineup also packs in the horror. Here’s every new game.

CVE-2025-54076 – WeGIA Reflected Cross-Site Scripting (XSS)

CISA Adds TP-Link and WhatsApp Flaws to KEV Catalog Amid Active Exploitation

Pennsylvania Attorney General’s Office Recovers from Ransomware Attack

What is a microSD Express Card, and should I use it in my gaming handheld?

CVE-2025-52817 – ZealousWeb Abandoned Contact Form 7 Missing Authorization Vulnerability

World’s First Hidden Jobs Finder Free Chrome Extension Will Blow Your Mind: Discover Jobs from Google Maps Like Never Before!

CVE-2025-5664 – FreeFloat FTP Server Buffer Overflow Vulnerability

Windows 10 is clinging to life — but Microsoft’s chaotic ‘ESU’ rollout and relentless Windows 11 ads are making its final days worse, frustrating millions

I tested the $13 multitool that everyone is talking about. Here’s my verdict

Microsoft Copilot gets OpenAI’s GPT-4o image generation support — but maybe a day late and a dollar short for the hype?

This new tech could be for AI agents what HTML was to the open web

CVE-2025-54076 – WeGIA Reflected Cross-Site Scripting (XSS)

Related Posts