CVE-2025-53931

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.4.5

Description WeGIA is an open-source web manager designed for the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability exists in the adicionar raca.php endpoint. This allows attackers to inject malicious scripts into the raca parameter, which are then stored on the server and executed when users access the affected page.

Recommendations Update WeGIA to version 3.4.5 or later.