CVE-2025-30366

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.2.8

Description The issue allows unauthorized scripts to be executed within the user's browser context due to stored cross-site scripting. This type of scripting is particularly critical because the malicious code is permanently stored on the server and executed whenever a compromised page is loaded, affecting all users accessing this page.

Recommendations For versions prior to 3.2.8, update to version 3.2.8 to fix the issue. As a temporary workaround, consider restricting access to potentially compromised pages until the update is applied.