CVE-2025-6695 – LabRedesCefetRJ WeGIA Cross-Site Scripting Vulnerability

June 26, 2025

CVE ID : CVE-2025-6695

Published : June 26, 2025, 2:15 p.m. | 49 minutes ago

Description : A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This issue affects some unknown processing of the file /html/matPat/adicionar_categoria.php of the component Additional Categoria. The manipulation of the argument Insira a nova categoria leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-6674 – Drupal CKEditor5 Youtube Cross-Site Scripting (XSS)

Next Article CVE-2025-5682 – Drupal Klaro Cookie & Consent Management Cross-Site Scripting (XSS)

Highlights

CVE-2025-5320 – Gradio CORS Handler Origin Validation Bypass Vulnerability

May 29, 2025

CVE ID : CVE-2025-5320

Published : May 29, 2025, 2:15 p.m. | 2 hours, 47 minutes ago

Description : A vulnerability classified as problematic has been found in gradio-app gradio up to 5.29.1. This affects the function is_valid_origin of the component CORS Handler. The manipulation of the argument localhost_aliases leads to origin validation error. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 3.7 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Coded Smorgasbord: High Strung

Chainguard launches trusted collection of verified JavaScript libraries

CData launches Connect AI to provide agents access to enterprise data sources

PostgreSQL 18 adds asynchronous I/O to improve performance

Distribution Release: Neptune 9.0

Distribution Release: Kali Linux 2025.3

Distribution Release: SysLinuxOS 13

Development Release: MX Linux 25 Beta 1

PHP 8.5.0 RC 1 available for testing

PHP 8.5.0 RC 1 available for testing

Terraform Code Generator Using Ollama and CodeGemma

Beyond Denial: How AI Concierge Services Can Transform Healthcare from Reactive to Proactive

Distribution Release: Neptune 9.0

Distribution Release: Neptune 9.0

FOSS Weekly #25.39: Kill Switch Phones, LMDE 7, Zorin OS 18 Beta, Polybar, Apt History and More Linux Stuff

Distribution Release: Kali Linux 2025.3

CVE-2025-6695 – LabRedesCefetRJ WeGIA Cross-Site Scripting Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

CVE-2025-40617 – Bookgy SQL Injection Vulnerability

CVE-2025-5004 – “Projectworlds Online Time Table Generator SQL Injection Vulnerability”

How to use your Android phone as a webcam when your laptop’s default won’t cut it

Why Businesses Are Switching to Webflow for Website Development

CVE-2025-5320 – Gradio CORS Handler Origin Validation Bypass Vulnerability

Sony’s Bend Studio Confirms Layoffs as It Gears Up for New Game

NVIDIA GeForce “Game Ready” graphics driver update fixes bugs from a previous release — Flickering screens patched

CVE-2025-9639 – Ai3 QbiCRMGateway Arbitrary File Reading Vulnerability

CVE-2025-6695 – LabRedesCefetRJ WeGIA Cross-Site Scripting Vulnerability

Related Posts