CVE-2025-61606

Name of the Vulnerable Software and Affected Versions WeGIA versions 3.4.12 and below

Description WeGIA is a web manager designed for charitable institutions. An Open Redirect issue exists in the control.php endpoint, specifically through the nextPage parameter (metodo=listarUmnomeClasse=FuncionarioControle). This allows attackers to redirect users to external domains, potentially enabling phishing, malicious payload distribution, or credential theft.

Recommendations Update to version 3.5.0 or later.