Open Redirect Vulnerability in WeGIA Web Manager Affects Charitable Institutions
CVE-2025-53821

4.7MEDIUM

Key Information:

Vendor: Labredescefetrj
Status: Wegia
Vendor: CVE Published:; 14 July 2025

🔔 Create Labredescefetrj Vulnerability Alert

What is CVE-2025-53821?

WeGIA, an open-source web manager tailored for Portuguese-speaking users and charitable institutions, has an Open Redirect vulnerability in its application. This issue, found prior to version 3.4.5, affects the control.php endpoint where the 'nextPage' parameter can be manipulated to redirect users to an arbitrary URL. Such uncontrolled redirection poses security risks, potentially leading to phishing attacks or other malicious activities. The flaw has been addressed in version 3.4.5.

Affected Version(s)

WeGIA < 3.4.5

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisor...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2025
Vulnerability Reserved
Jul 9, 2025