CVE-2026-35475
Received Received - Intake
Open Redirect in WeGIA Web Manager Before

Publication date: 2026-04-06

Last updated on: 2026-04-10

Assigner: GitHub, Inc.

Description
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, the redirect parameter is taken directly from $_GET with no URL validation or whitelist check, then used verbatim in a header("Location: ...") call. This vulnerability is fixed in 3.6.9.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-06
Last Modified
2026-04-10
Generated
2026-06-16
AI Q&A
2026-04-07
EPSS Evaluated
2026-06-15
NVD
CVE-2026-35475
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wegia wegia to 3.6.9 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows attackers to redirect authenticated users to malicious external sites, potentially enabling phishing and social engineering attacks. This can lead to unauthorized disclosure of personal or sensitive information if users are tricked into submitting data to malicious sites.

Such risks may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of user data and prevention of unauthorized access or disclosure. The open redirect vulnerability could undermine user trust and the security of personal data handled by the application.

However, the CVE description and resources do not explicitly mention compliance impacts or specific regulatory considerations.

Detection Guidance

This vulnerability can be detected by checking if the WeGIA application (version prior to 3.6.9) improperly uses the redirect parameter from the URL query string without validation, leading to an open redirect.

One way to detect it is to send crafted HTTP requests to the vulnerable endpoint and observe if the server responds with a redirect to an arbitrary external URL.

  • Use curl to test the redirect parameter, for example:
  • curl -I 'http://<wegia-server>/WeGIA/html/configuracao/backup.php?action=bd&redirect=https://evil.com'
  • Check the HTTP response headers for a Location header redirecting to the external URL (https://evil.com in this example).
  • Alternatively, use tools like Burp Suite or a web proxy to intercept and analyze the redirect behavior after triggering the backup action.
Impact Analysis

Because the redirect parameter is not validated, an attacker could exploit this to perform open redirect attacks. This can lead users to malicious websites, potentially resulting in phishing attacks, loss of user trust, or other security risks associated with redirecting users to untrusted locations.

Executive Summary

The vulnerability exists in WeGIA, a web manager for charitable institutions, in versions prior to 3.6.9. It involves the redirect parameter, which is taken directly from the $_GET request without any URL validation or whitelist checks. This parameter is then used verbatim in a HTTP header call ("Location: ..."), which can lead to security issues.

Mitigation Strategies

The vulnerability is fixed in WeGIA version 3.6.9. Immediate mitigation involves upgrading the WeGIA web manager to version 3.6.9 or later.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-35475. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart