CVE-2025-6699

Name of the Vulnerable Software and Affected Versions: LabRedesCefetRJ WeGIA version 3.4.0

Description: A problematic vulnerability has been found in the Cadastro de Funcionário component, specifically affecting the /html/funcionario/cadastro funcionario.php file. The issue is related to the manipulation of the Nome/Sobrenome argument, which leads to cross-site scripting. This can be initiated remotely.

Recommendations: For version 3.4.0, as a temporary workaround, consider restricting access to the cadastro funcionario.php file until a patch is available. Avoid using the Nome/Sobrenome argument in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.