Platform: php
Component: wegia
Fixed in: 3.6.10
CVE-2026-35396 is an Open Redirect vulnerability affecting WeGIA, a web manager for charitable institutions. This flaw allows attackers to redirect users to malicious external websites through the /WeGIA/controle/control.php endpoint, potentially enabling phishing attacks and credential theft. The vulnerability impacts versions 3.6.0 through 3.6.8 and has been resolved in version 3.6.9.
CVE-2026-35396 in WeGIA, a web manager for charitable institutions, presents a significant risk due to an open redirect vulnerability. Prior to version 3.6.9, the 'nextPage' parameter of the /WeGIA/controle/control.php endpoint, when combined with 'metodo=listarId' and 'nomeClasse=IsaidaControle', is not properly validated. This allows attackers to redirect users to arbitrary external websites. The potential impact includes targeted phishing attacks against WeGIA users, credential theft, and the possible distribution of malware through malicious redirects. Charitable institutions that use WeGIA and have not upgraded to version 3.6.9 are particularly exposed. The application's handling of sensitive donor and organizational information amplifies the risk of a successful attack.
An attacker could exploit this vulnerability by crafting a malicious link containing a manipulated value for the 'nextPage' parameter. Clicking this link would redirect a legitimate WeGIA user to a website controlled by the attacker. This website could mimic a legitimate WeGIA login page, tricking the user into entering their credentials. Alternatively, the attacker could redirect the user to a website distributing malware. The vulnerability is particularly concerning because the redirection occurs within the context of the WeGIA application, which may increase user trust in the malicious link.
Exploit Status
EPSS: 0.03% (8th percentile)
CISA SSVC
The primary solution to mitigate CVE-2026-35396 is to upgrade WeGIA to version 3.6.9 or later. This update corrects the vulnerability by implementing proper validation of the 'nextPage' parameter. Additionally, implementing supplementary security measures is recommended, such as URL integrity verification before redirection, utilizing Content Security Policy (CSP) to restrict content sources, and training staff on identifying phishing attacks. Monitoring server logs for suspicious redirection patterns can also aid in detecting and responding to potential exploitation attempts. The upgrade should be performed as soon as possible to minimize exposure risk.
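As an added illustration of the kind of 'nextPage' validation described above (example code written for this page, not WeGIA's own code or its actual fix), a PHP helper that accepts only relative paths inside the application and falls back to a known page otherwise. The application base path /WeGIA/, the default landing page, the $_GET handling and the log message are assumptions.

```php
<?php
// Added example, not WeGIA's code: accept a "nextPage" value only when it is a
// relative path inside the application; otherwise fall back to a known page.
// Assumed application base path and default landing page:
const APP_BASE = '/WeGIA/';
const DEFAULT_PAGE = '/WeGIA/html/home.php';

function safeNextPage(string $nextPage): string
{
    // Browsers strip surrounding whitespace and embedded tab/newline characters
    // from URLs, so normalise first and refuse anything with control characters.
    $candidate = trim($nextPage);
    if ($candidate === '' || preg_match('/[\x00-\x1F\x7F]/', $candidate)) {
        return DEFAULT_PAGE;
    }
    // Any scheme prefix ("https://", "javascript:", "data:", ...) leaves the site.
    if (preg_match('#^[a-z][a-z0-9+.\-]*:#i', $candidate)) {
        return DEFAULT_PAGE;
    }
    // Protocol-relative ("//host") and backslash forms ("/\host") also leave the site.
    if (substr($candidate, 0, 2) === '//' || strpos($candidate, '\\') !== false) {
        return DEFAULT_PAGE;
    }
    // The path component must start with the application base and must not
    // climb out of it with "..", even when the dots are percent-encoded.
    $path = parse_url($candidate, PHP_URL_PATH);
    if (!is_string($path)) {
        return DEFAULT_PAGE;
    }
    $decoded = rawurldecode($path);
    if (strpos($decoded, APP_BASE) !== 0 || preg_match('#(^|/)\.\.(/|$)#', $decoded)) {
        return DEFAULT_PAGE;
    }
    return $candidate;
}

// Controller usage (assumed); the parameter name is the one named in the advisory.
$raw = (string) ($_GET['nextPage'] ?? '');
$target = safeNextPage($raw);
if ($target !== $raw) {
    // Rejected values are worth logging: they are the "suspicious redirection
    // patterns" the advisory recommends monitoring for.
    error_log('control.php: rejected nextPage value from ' . ($_SERVER['REMOTE_ADDR'] ?? '-'));
}
header('Location: ' . $target, true, 302);
exit;
```

With these checks, values such as https://example.test, //example.test, /\example.test and /WeGIA/../outside all fall back to the default page, while /WeGIA/html/lista.php?id=3 is passed through unchanged.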
Update the WeGIA module to version 3.6.9 or later to mitigate the open redirect vulnerability. The fixed version properly validates the 'nextPage' parameter, preventing attackers from redirecting users to malicious external websites. Be sure to back up your configuration before updating.
WeGIA is a web manager designed to help charitable institutions manage their operations.
Version 3.6.9 fixes the open redirect vulnerability (CVE-2026-35396) that could allow phishing attacks and data theft.
Implement additional security measures such as CSP and monitor server logs.
Be wary of unexpected links, especially those requesting personal information or credentials.
Consult the official WeGIA documentation and cybersecurity information sources.