CVE-2025-6699
BaseFortify
Publication date: 2025-06-26
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wegia | wegia | 3.4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-6699 is a stored cross-site scripting (XSS) vulnerability in LabRedesCefetRJ WeGIA version 3.4.0, specifically in the employee registration page (/html/funcionario/cadastro_funcionario.php). It occurs because the application does not properly validate or sanitize user input in the 'Nome' and 'Sobrenome' fields, allowing an authenticated attacker to inject malicious JavaScript code. This malicious script is stored in the backend database and executed later when employee data is loaded elsewhere in the system, such as during the creation of a new memorandum. This leads to arbitrary script execution in the browsers of users interacting with the application. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to execute arbitrary scripts in the browsers of users interacting with the application. Potential impacts include session hijacking, unauthorized redirects, data theft, and other client-side attacks. Because the malicious script is stored and executed persistently, it can affect multiple users and compromise application integrity and user security. [2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to inject a benign JavaScript payload into the 'Nome' and 'Sobrenome' fields on the employee registration page (/html/funcionario/cadastro_funcionario.php). For example, an authenticated user can input a script such as <script>alert('test')</script> into these fields and then observe if the script executes when accessing the memorandum creation page (/html/memorando/insere_despacho.php). Additionally, Google dorking can be used to locate vulnerable targets with queries like: inurl:html/funcionario/cadastro_funcionario.php. There are no specific network commands provided, but manual testing via the web interface or automated scanning tools targeting stored XSS in these parameters can be used. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include avoiding the use of the affected component or replacing it with an alternative product, as no known countermeasures or patches have been published. Additionally, restricting access to the employee registration page to trusted users only and monitoring for suspicious input may reduce risk. Input validation and sanitization should be implemented on the 'Nome' and 'Sobrenome' fields to prevent script injection. Since the vendor has not responded, applying web application firewall (WAF) rules to block malicious scripts and limiting user privileges can also help mitigate exploitation. [1, 2]