CVE-2025-53822 – WeGIA Reflected Cross-Site Scripting (XSS)

July 15, 2025

CVE ID : CVE-2025-53822

Published : July 14, 2025, 11:15 p.m. | 3 hours, 36 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `relatorio_geracao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `tipo_relatorio` parameter. Version 3.4.5 has a patch for the issue.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53825 – Dokploy Unauthenticated Code Execution and Secret Disclosure Vulnerability

Next Article CVE-2025-53834 – Caido Toast UI Component Reflected Cross-Site Scripting (XSS) Vulnerability

Highlights

CVE-2025-48874 – Apache HTTP Server Insecure Deserialization

May 30, 2025

CVE ID : CVE-2025-48874

Published : May 30, 2025, 8:15 p.m. | 1 hour, 25 minutes ago

Description : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2025-5257. Reason: This candidate is a duplicate of CVE-2025-5257. Notes: All CVE users should reference CVE-2025-5257 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Akka introduces platform for distributed agentic AI

Design Patterns For AI Interfaces

Amazon launches spec-driven AI IDE, Kiro

This week in AI dev tools: Gemini API Batch Mode, Amazon SageMaker AI updates, and more (July 11, 2025)

Windows 11 will soon be able to describe images on your screen using AI — and it’ll all be done locally

Marvel Rivals’ swimsuit lineup kicks off this week — with hot new outfits for these characters

iPhone alarm not going off? 6 potential fixes to this annoying issue

ChatGPT falls for another Windows license key scam — generating valid codes in a guessing game after a researcher “gives up”

The details of TC39’s last meeting

The details of TC39’s last meeting

Modern async iteration in JavaScript with Array.fromAsync()

Vite vs Webpack: A Guide to Choosing the Right Bundler

Windows 11 will soon be able to describe images on your screen using AI — and it’ll all be done locally

Windows 11 will soon be able to describe images on your screen using AI — and it’ll all be done locally

Marvel Rivals’ swimsuit lineup kicks off this week — with hot new outfits for these characters

The Curious Case of AUR Updates Fetching 30 GB of Data for Electron

CVE-2025-53822 – WeGIA Reflected Cross-Site Scripting (XSS)

CVE-2025-53623 – ActiveJob Job Iteration API Remote Code Execution Vulnerability

CVE-2025-53818 – GitHub Kanban MCP Server Command Injection Vulnerability

Fix Now Elden Ring Nightreign EAC Error 30005 (CreateFile Failed)

Mozilla VPN Linux App is Now Available on Flathub

Rilasciato Sway 1.11: Il Compositore Tiling per Wayland Aggiunge il Supporto alla Sincronizzazione Esplicita

CVE-2025-41404 – Iroha Board Information Disclosure

CVE-2025-48874 – Apache HTTP Server Insecure Deserialization

CVE-2025-4170 – Xavin’s Review Ratings Stored Cross-Site Scripting Vulnerability

Rilasciato Fastfetch 2.41: Tutte le novità del tool per mostrare le informazioni dei sistemi GNU/Linux

CVE-2025-29691 – OA System XSS

CVE-2025-53822 – WeGIA Reflected Cross-Site Scripting (XSS)

Related Posts