CVE-2025-53936 – WeGIA Reflected Cross-Site Scripting (XSS)

July 16, 2025

CVE ID : CVE-2025-53936

Published : July 16, 2025, 4:15 p.m. | 2 hours, 28 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `personalizacao_selecao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `nome_car` parameter. Version 3.4.5 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53930 – WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

Next Article CVE-2025-53934 – WeGIA Stored Cross-Site Scripting (XSS) Vulnerability

Report: 71% of tech leaders won’t hire devs without AI skills

Slack’s AI search now works across an organization’s entire knowledge base

In-House vs Outsourcing for React.js Development: Understand What Is Best for Your Enterprise

Tiny Screens, Big Impact: The Forgotten Art Of Developing Web Apps For Feature Phones

Too many open browser tabs? This is still my favorite solution – and has been for years

This new browser won’t monetize your every move – how to try it

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

The details of TC39’s last meeting

The details of TC39’s last meeting

Notes Android App Using SQLite

How to Get Security Patches for Legacy Unsupported Node.js Versions

KeySmith – SSH key management

KeySmith – SSH key management

Pokémon has partnered with one of the biggest PC gaming brands again, and you can actually buy these accessories — but do you even want to?

AMD’s budget Ryzen AI 5 330 processor will introduce a wave of ultra-affordable Copilot+ PCs with its mobile 50 TOPS NPU

CVE-2025-53936 – WeGIA Reflected Cross-Site Scripting (XSS)

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-40662 – DM Corporative CMS Absolute Path Disclosure

Warhammer 40,000: Space Marine 2 is borrowing one of Gears of War’s best modes — and it’s live right now

chess22k is a chess engine written in Java

Save $200 on this 77-piece Milwaukee wrench set at The Home Depot

How to Install Windows 11 Without a Microsoft Account (Step-by-Step Guide for All Users)

I tested Samsung’s QD-OLED 4K monitor for gaming and work – and it was equally practical

May 2025 Detection Highlights: VMRay Threat Identifiers, Config Extractors for Lumma & VideoSpy, and Fresh YARA Rules.

CVE-2025-51656 – SemCms SQL Injection

CVE-2025-53936 – WeGIA Reflected Cross-Site Scripting (XSS)

Related Posts