CVE-2026-35398
Open Redirect in WeGIA control.php Enables Phishing Attacks
Publication date: 2026-04-06
Last updated on: 2026-04-09
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wegia | wegia | all versions before 3.6.9 (3.6.9 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Open Redirect issue in the WeGIA web application prior to version 3.6.9. It is reachable through the nextPage parameter of the /WeGIA/controle/control.php endpoint when the request also carries the parameters metodo (listarTodos or listarId_Nome) and nomeClasse=OrigemControle. The application does not validate or restrict the value of nextPage, so an attacker can make it redirect the user's browser to an arbitrary external website.
Because the link itself points at the trusted WeGIA domain, attackers can use it to lend credibility to phishing pages that harvest credentials, to malware downloads, or to other social engineering lures that end on a site under their control.
How can this vulnerability impact me?
The vulnerability can impact users by enabling attackers to redirect them to malicious external websites. This can lead to phishing attacks where users may unknowingly provide sensitive information such as login credentials.
It can also facilitate malware distribution and social engineering attacks by leveraging the trust users have in the legitimate WeGIA domain.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this Open Redirect vulnerability, upgrade WeGIA to version 3.6.9 or later, where the issue is fixed.
Until the upgrade is applied, restrict or validate the nextPage parameter handled by /WeGIA/controle/control.php so that it can only resolve to a page on the application's own origin, never to an arbitrary external site.
Additionally, monitor for requests whose nextPage value points off-site and educate users about phishing that may abuse links on the trusted domain.
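One way to implement that interim nextPage check, as an added PHP example (not WeGIA's own code; the function name, the fallback page, the /WeGIA/ prefix and the sample inputs are assumptions):

```php
<?php
// Added example, not WeGIA code: accept a "nextPage" redirect target only if it
// is an absolute path on this origin under the application's own prefix.
// Anything else is replaced by a fixed local fallback page (assumed path).
function safeNextPage(string $nextPage, string $fallback = '/WeGIA/html/home.php',
                      string $allowedPrefix = '/WeGIA/'): string
{
    $candidate = trim($nextPage);
    // Reject control characters and backslashes: some browsers normalise "\"
    // to "/", so "/\host/x" would be treated as the scheme-relative "//host/x".
    if ($candidate === '' || preg_match('/[\x00-\x1F\x7F\\\\]/', $candidate)) {
        return $fallback;
    }
    // parse_url() surfaces absolute ("https://host/...", "javascript:...") and
    // scheme-relative ("//host/...") targets as scheme/host/user/pass/port.
    $parts = parse_url($candidate);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])
        || isset($parts['user']) || isset($parts['pass']) || isset($parts['port'])) {
        return $fallback;
    }
    // Require an absolute path inside the application prefix; this also
    // excludes "" and any "//" form that slipped past parse_url().
    $path = $parts['path'] ?? '';
    if ($path === '' || $path[0] !== '/' || substr($path, 0, 2) === '//'
        || strpos($path, $allowedPrefix) !== 0) {
        return $fallback;
    }
    // Return only path and query; fragments are never sent to the server anyway.
    return $path . (isset($parts['query']) ? '?' . $parts['query'] : '');
}

// Constructed sample inputs showing what is allowed and what is blocked.
$samples = [
    '/WeGIA/html/origem/listar.php?ok=1' => 'allowed: same-origin path',
    'https://attacker.example/login'     => 'blocked: absolute URL',
    '//attacker.example/login'           => 'blocked: scheme-relative URL',
    '/\\attacker.example/login'          => 'blocked: backslash variant',
    'javascript:void(0)'                 => 'blocked: non-HTTP scheme',
    '/other/app.php'                     => 'blocked: outside /WeGIA/ prefix',
];
foreach ($samples as $input => $note) {
    printf("%-38s -> %s  (%s)\n", $input, safeNextPage($input), $note);
}
```

In control.php the validated value would then be passed to header('Location: ...') instead of the raw parameter.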
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability is an Open Redirect in the WeGIA application that can be exploited for phishing, credential theft, malware distribution, and social engineering by abusing the trusted domain.
Such exploitation can lead to unauthorized disclosure or compromise of user data, which may impact compliance with data protection regulations like GDPR and HIPAA that require protection against unauthorized access and data breaches.
However, the provided information does not explicitly describe the direct impact on compliance with these standards.