LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoEntrada.php cross site scripting
CVE-2025-6697

5.1MEDIUM

Key Information:

Vendor

Labredescefetrj

Status
Wegia
Vendor
CVE Published:
26 June 2025

What is CVE-2025-6697?

A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /html/matPat/adicionar_tipoEntrada.php of the component Adicionar tipo. The manipulation of the argument Insira o novo tipo leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Version(s)

WeGIA 3.4.0

References

https://vuldb.com/?id.313963
vdb-entrytechnical-description
https://vuldb.com/?ctiid.313963
signaturepermissions-required
https://vuldb.com/?submit.597386
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
Unknown

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

RaulPACXXX (VulDB User)
.
CVE-2025-6697 : Cross Site Scripting Vulnerability in LabRedesCefetRJ WeGIA Component