CVE-2025-54077
BaseFortify
Publication date: 2025-07-18
Last updated on: 2025-07-30
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wegia | wegia | to 3.4.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Reflected Cross-Site Scripting (XSS) issue in the WeGIA web application, specifically in the personalizacao.php endpoint. It occurs because the application does not properly validate or sanitize user input passed through the 'err' parameter in the URL. This allows attackers to inject malicious scripts that are reflected back and executed in the victim's browser when they interact with a crafted link. [1]
How can this vulnerability impact me? :
The vulnerability can lead to theft of user login credentials, virtual defacement of the website, execution of any actions the user can perform, and redirection to malicious or competing sites. It allows attackers to execute arbitrary JavaScript in the victim's browser, potentially compromising sensitive data and user sessions. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the personalizacao.php endpoint for reflected XSS in the 'err' parameter. You can use a web request tool like curl or a browser to send a request with a test payload such as `<script>alert(document.cookie)</script>` in the 'err' parameter and observe if the script is reflected and executed in the response. For example, use the command: curl -v "http://yourserver/html/personalizacao.php?msg=error&err=<script>alert(document.cookie)</script>" and check if the response contains the injected script unescaped. Alternatively, use automated web vulnerability scanners that test for reflected XSS vulnerabilities on this endpoint and parameter. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the WeGIA application to version 3.4.6 or later, where this vulnerability is fixed. If upgrading is not immediately possible, apply input validation and sanitization on the 'err' parameter to prevent script injection, or implement web application firewall (WAF) rules to block malicious payloads targeting this parameter. Additionally, educate users to avoid clicking suspicious links that exploit this vulnerability. [1]