Plataforma
php
Componente
pocvuldb
Corrigido em
3.4.1
CVE-2025-6695 is a cross-site scripting (XSS) vulnerability affecting WeGIA versions 3.4.0 through 3.4.0. This flaw allows an attacker to inject malicious scripts into the application, potentially compromising user sessions and data. The vulnerability resides in the processing of the 'Insira a nova categoria' argument within the /html/matPat/adicionar_categoria.php file. A patch is available in version 3.4.1.
Successful exploitation of CVE-2025-6695 allows an attacker to execute arbitrary JavaScript code within the context of a user's browser session. This can lead to various malicious outcomes, including session hijacking, credential theft, and defacement of the WeGIA interface. The attacker could potentially steal sensitive information entered by users, redirect them to malicious websites, or even gain control of the application server if the user has sufficient privileges. Given the remote accessibility of the vulnerability, the blast radius extends to all users interacting with the affected WeGIA instance.
CVE-2025-6695 has been publicly disclosed, increasing the likelihood of exploitation. While the CVSS score is LOW, the ease of exploitation and potential impact warrant attention. No known active campaigns targeting this vulnerability have been reported as of the publication date. The vulnerability is not currently listed on the CISA KEV catalog.
Organizations using WeGIA version 3.4.0 are at direct risk. Shared hosting environments where multiple users share the same WeGIA instance are particularly vulnerable, as an attacker could potentially compromise other users' accounts through this XSS vulnerability.
• generic web: Use curl to test the /html/matPat/adicionar_categoria.php endpoint with a simple XSS payload (e.g., <script>alert(1)</script>).
curl -X POST -d "Insira a nova categoria=<script>alert(1)</script>" http://your-wegia-instance/html/matPat/adicionar_categoria.php• generic web: Examine access and error logs for suspicious requests containing XSS payloads or unusual characters in the 'Insira a nova categoria' parameter. • generic web: Check response headers for signs of XSS injection, such as the presence of injected script tags.
disclosure
Status do Exploit
EPSS
0.07% (percentil 23%)
CISA SSVC
Vetor CVSS
The primary mitigation for CVE-2025-6695 is to upgrade WeGIA to version 3.4.1 or later, which contains the fix. If immediate upgrading is not possible, consider implementing input validation and sanitization on the 'Insira a nova categoria' argument to prevent malicious code injection. Web application firewalls (WAFs) configured to detect and block XSS attacks can provide an additional layer of defense. Regularly review and update your WAF rules to ensure they are effective against emerging threats. After upgrading, confirm the vulnerability is resolved by attempting to inject a simple XSS payload into the 'Insira a nova categoria' field and verifying that it is properly sanitized.
Atualize para uma versão corrigida ou implemente medidas de saneamento de entrada no arquivo adicionar_categoria.php para evitar a execução de código XSS. Valide e escape a entrada do usuário no parâmetro 'Insira a nova categoria' antes de exibi-la na página.
Análise de vulnerabilidades e alertas críticos diretamente no seu e-mail.
CVE-2025-6695 is a cross-site scripting (XSS) vulnerability in WeGIA versions 3.4.0–3.4.0, allowing attackers to inject malicious scripts.
Yes, if you are using WeGIA version 3.4.0, you are affected by this vulnerability.
Upgrade WeGIA to version 3.4.1 or later to resolve the vulnerability. Input validation is a temporary workaround.
While no active campaigns are confirmed, the vulnerability is publicly disclosed and could be exploited.
Contact LabRedesCefetRJ directly, as they have not responded to early disclosure attempts.
Envie seu arquivo de dependências e descubra na hora se esta e outras CVEs te atingem.