CVE-2026-35475
Open Redirect in WeGIA Web Manager Before 3.6.9
Publication date: 2026-04-06
Last updated on: 2026-04-10
Assigner: GitHub, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wegia | wegia | < 3.6.9 (3.6.9 itself not affected) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
How can this vulnerability impact me?
Because the redirect parameter is not validated, an attacker can craft a link that points at your WeGIA host but bounces the visitor to a site of the attacker's choosing. Since the link starts on a domain the user trusts, it is an effective lure for phishing and credential-harvesting pages, and it erodes user trust in the application; the redirect itself does not compromise the server.
Can you explain this vulnerability to me?
The vulnerability exists in WeGIA, a web manager for charitable institutions, in versions prior to 3.6.9. The redirect parameter is read directly from the $_GET request without any URL validation or allowlist check and is then written verbatim into an HTTP "Location: ..." header, so whatever URL the client supplies in the query string becomes the destination of the redirect, including an external site.
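The pattern described above, as an added illustration in PHP (this is not WeGIA's code; the function names, the default target and the probe inputs are constructed for the example). The vulnerable function shows a `redirect` value copied straight into the Location header; the hardened function accepts only a same-origin absolute path and falls back to a fixed default for anything else, including the protocol-relative and backslash forms that a naive "does it start with http" check would let through. Both return the header as a string rather than calling `header()` so the behaviour can be inspected without a web server.

```php
<?php
declare(strict_types=1);

// Vulnerable pattern (simplified reconstruction of what the CVE text describes,
// not WeGIA's actual source): the query value becomes the Location header verbatim.
function redirect_vulnerable(array $get): string
{
    return 'Location: ' . ($get['redirect'] ?? 'index.php');
}

// Hardened replacement: only a single-slash, same-origin path is accepted.
// The default target is an assumption for this example.
function safe_redirect_target(?string $candidate, string $default = '/WeGIA/html/home.php'): string
{
    if ($candidate === null || $candidate === '') {
        return $default;
    }
    // One character-allowlist test rejects, in a single pass:
    //  - absolute URLs with a scheme ("https://evil.com", "javascript:...")
    //  - protocol-relative forms ("//evil.com", "///evil.com")
    //  - backslashes ("/\evil.com"; browsers treat "\" as "/" in http URLs)
    //  - whitespace and CR/LF (header-injection attempts)
    // The candidate must be "/" not followed by "/" or "\", then plain path/query characters.
    if (!preg_match('#\A/(?![/\\\\])[A-Za-z0-9_\-./?=&%+~]*\z#', $candidate)) {
        return $default;
    }
    // Belt and braces: parse_url() must see a path only, never a scheme or authority.
    $parts = parse_url($candidate);
    if ($parts === false || isset($parts['scheme']) || isset($parts['host'])) {
        return $default;
    }
    return $candidate;
}

function redirect_hardened(array $get): string
{
    return 'Location: ' . safe_redirect_target($get['redirect'] ?? null);
}

// Constructed probe values covering the common open-redirect bypass shapes.
$probes = [
    '/WeGIA/html/home.php?msg=ok',   // legitimate same-origin path: allowed
    'https://evil.com',              // external URL: rejected
    '//evil.com',                    // protocol-relative: rejected
    '///evil.com',                   // extra slashes, browsers collapse them: rejected
    '/\\evil.com',                   // backslash trick: rejected
    "/ok\r\nSet-Cookie: x=1",        // CRLF: rejected
    'javascript:alert(1)',           // non-http scheme: rejected
];

foreach ($probes as $p) {
    printf(
        "%-34s vulnerable => %-44s hardened => %s\n",
        json_encode($p),
        redirect_vulnerable(['redirect' => $p]),
        redirect_hardened(['redirect' => $p])
    );
}
```

Note that the hardened version is deliberately stricter than necessary: a relative target without a leading slash (for example `home.php`) is also sent to the default, which is usually acceptable for an application whose redirect targets are known pages. If the application only ever redirects to a handful of pages, an explicit allowlist of those page names is simpler still and easier to audit than a path grammar.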
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in WeGIA version 3.6.9. Immediate mitigation involves upgrading the WeGIA web manager to version 3.6.9 or later.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows attackers to redirect authenticated users to malicious external sites, potentially enabling phishing and social engineering attacks. This can lead to unauthorized disclosure of personal or sensitive information if users are tricked into submitting data to malicious sites.
Such risks may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of user data and prevention of unauthorized access or disclosure. The open redirect vulnerability could undermine user trust and the security of personal data handled by the application.
However, the CVE description and resources do not explicitly mention compliance impacts or specific regulatory considerations.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
WeGIA versions before 3.6.9 pass the redirect query parameter of the backup endpoint straight into a Location header, so a crafted request shows the flaw directly: send a request whose redirect value points at a host you control and inspect the response headers. The quickest check, independent of any probe, is the installed version: any WeGIA release earlier than 3.6.9 is affected.
- Example request against the endpoint named in the advisory. If the page sits behind the application's login, include a valid session cookie; the cookie name below is an assumption for PHP applications, so use whatever your instance sets:
  `curl -sS -D - -o /dev/null -b 'PHPSESSID=<session>' 'http://<wegia-server>/WeGIA/html/configuracao/backup.php?action=bd&redirect=https://evil.com'`
- A vulnerable instance answers with a 3xx status and a `Location: https://evil.com` header; a fixed instance redirects to a local path or ignores the parameter. Also try the protocol-relative form (`redirect=//evil.com`) and the backslash form (`redirect=/\evil.com`), since a partial fix that only rejects an explicit scheme will miss them.
- Caveat: `action=bd` triggers the backup action itself, which has side effects on the server. Run the check against a staging copy, or at a quiet time with the operator's knowledge, rather than repeatedly against production.
- Alternatively, intercept the traffic with Burp Suite or another web proxy and inspect the redirect response after triggering the backup action from the UI.