Reflected XSS Vulnerability in WeGIA Web Manager by LabRedesCefetRJ
CVE-2025-62359
5.3MEDIUM
What is CVE-2025-62359?
WeGIA, an open-source web management tool tailored for Portuguese-speaking users, contains a reflected cross-site scripting (XSS) vulnerability in the /pet/profile_pet.php?id_pet= endpoint. Prior to version 3.5.0, this flaw allows malicious actors to inject harmful scripts via the 'id_pet' parameter, posing significant risks to users and their data. Users are advised to update to version 3.5.0 or later to mitigate the risk associated with this vulnerability.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
WeGIA < 3.5.0
References
CVSS V4
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved