PT-2025-34249 · Wegia · Wegia

Marcelomulder · Published 2025-08-21 · Updated 2025-08-22 · CVE-2025-57762

CVSS v4.0: 6.4 (Medium)

Vector: AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.7
Description: WeGIA is a Web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability exists in the dependente docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the nome parameter. The injected scripts are stored on the server and executed automatically when users access the affected page.
Recommendations: Update WeGIA to version 3.4.7 or later.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2025-57762
GHSA-494R-43F3-P828

Affected Products

Wegia