Reflected XSS Vulnerability in WeGIA Web Application by LabRedesCefetRJ
CVE-2025-58452

2.1LOW

Key Information:

Vendor: Labredescefetrj
Status: Wegia
Vendor: CVE Published:; 8 September 2025

🔔 Create Labredescefetrj Vulnerability Alert

What is CVE-2025-58452?

A reflected cross-site scripting (XSS) vulnerability has been discovered in the WeGIA web application, impacting versions before 3.4.11. This flaw is present in the listar_despachos.php endpoint, where an attacker can exploit the id_memorando parameter to inject malicious scripts. The security risk posed by this vulnerability emphasizes the importance of maintaining updated software. Version 3.4.11 of WeGIA contains a patch addressing this critical issue, underscoring the need for users to upgrade to secure their applications from potential attacks.

Affected Version(s)

WeGIA < 3.4.11

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisor...

x_refsource_CONFIRM

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 8, 2025
Vulnerability Reserved
Sep 1, 2025