Reflected Cross-Site Scripting Vulnerability in WeGIA Open Source Web Manager

CVE-2025-54077

What is CVE-2025-54077?

A vulnerability exists in the WeGIA web management application that allows attackers to exploit the personalizacao.php endpoint. By injecting malicious scripts into the err parameter, an attacker can execute arbitrary code in the context of a user's session. This vulnerability affects versions of WeGIA prior to 3.4.6, requiring immediate attention to secure user data and application integrity. Users are encouraged to upgrade to the fixed version to mitigate any potential risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch →

References