CVE-2025-53377

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.3

Description: A Reflected Cross-Site Scripting (XSS) issue was identified in the "cadastro dependente pessoa nova.php" endpoint of the WeGIA application. This issue allows attackers to inject malicious scripts in the id funcionario parameter.

Recommendations: For versions prior to 3.4.3, update to version 3.4.3 to resolve the issue. As a temporary workaround, consider restricting access to the "cadastro dependente pessoa nova.php" endpoint or avoiding the use of the id funcionario parameter until the update is applied.