CVE-2026-45335
BaseFortify
Publication date: 2026-05-27
Last updated on: 2026-05-27
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wegia | wegia | 3.7.3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows attackers to perform open redirect attacks, which can be exploited for phishing, credential theft, malware distribution, and social engineering. Such attacks can lead to unauthorized disclosure of personal data or compromise of user credentials.
This kind of security weakness may impact compliance with standards and regulations like GDPR and HIPAA, which require protection of personal data and secure handling of user information to prevent unauthorized access or data breaches.
By enabling attackers to redirect users to malicious sites and potentially steal credentials or distribute malware, the vulnerability increases the risk of data breaches and non-compliance with data protection requirements.
Can you explain this vulnerability to me?
The vulnerability is an Open Redirect issue in the WeGIA web manager application, specifically in the /WeGIA/controle/control.php endpoint. It occurs when the nextPage parameter is used together with metodo=listarTodos and nomeClasse=InternoControle. The application does not properly validate or restrict the nextPage parameter, which allows attackers to redirect users to arbitrary external websites.
This flaw can be exploited by attackers to trick users into visiting malicious sites by leveraging the trusted WeGIA domain.
How can this vulnerability impact me?
This vulnerability can be abused for phishing attacks, where users are redirected to malicious websites that may steal credentials or distribute malware.
It also enables social engineering attacks by exploiting the trust users have in the WeGIA domain, potentially leading to credential theft and malware infections.
What immediate steps should I take to mitigate this vulnerability?
The vulnerability is fixed in WeGIA version 3.7.3. Immediate mitigation involves upgrading the WeGIA application to version 3.7.3 or later.
Until the upgrade can be performed, consider restricting access to the vulnerable endpoint /WeGIA/controle/control.php or implementing input validation and filtering on the nextPage parameter to prevent open redirects.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP requests to the /WeGIA/controle/control.php endpoint that include the parameters metodo=listarTodos, nomeClasse=InternoControle, and a nextPage parameter that redirects to an external URL.
A simple way to test for the vulnerability is to craft a request with a valid session cookie to the vulnerable endpoint, including the parameters mentioned, and observe if the application redirects to the specified external URL.
Example command using curl to test the vulnerability:

```shell
curl -i -b "session_cookie=YOUR_VALID_SESSION_COOKIE" "http://target/WeGIA/controle/control.php?metodo=listarTodos&nomeClasse=InternoControle&nextPage=https://example.com"
```
If the response includes a redirect (HTTP 3xx) to the external URL specified in nextPage, the vulnerability is present.
Additionally, monitoring logs or network traffic for unexpected redirects from this endpoint can help detect exploitation attempts.
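The following added example (written for this page, not code from the WeGIA project) shows the two defender-side pieces described above: the input validation on nextPage that the mitigation answer recommends, and the access-log check that the detection answer recommends. It assumes the application is mounted under /WeGIA/, uses a made-up fallback page (/WeGIA/home.php) and a handful of constructed combined-format log lines; the hostnames in those lines are invented for the example. The validator goes a little beyond the text by also rejecting the usual ways a naive "must start with /" check gets bypassed (scheme-relative //host, backslashes, URL-encoded schemes) and by refusing control characters, so the validated value cannot carry a CRLF into the Location header.

```python
"""Defender-side helpers for the WeGIA nextPage open redirect (CVE-2026-45335).

Added example, not WeGIA project code.  Two pieces:
  * safe_next_page(): accept a redirect target only if it stays inside the
    application (the input-validation mitigation for the nextPage parameter).
  * find_redirect_attempts(): scan access-log lines for the vulnerable request
    shape (control.php + metodo=listarTodos + nomeClasse=InternoControle) with a
    nextPage that points off-site (the detection step).
APP_PREFIX, DEFAULT_PAGE and SAMPLE_LOG are constructed for this example.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

APP_PREFIX = "/WeGIA/"            # assumption: app is mounted under /WeGIA/
DEFAULT_PAGE = "/WeGIA/home.php"  # constructed fallback, not a real WeGIA path
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def is_external(target: str) -> bool:
    """True if `target` would send the browser to a different origin.

    The value is percent-decoded once more on purpose: a conservative check
    treats %2F%2F the same as //.  Backslashes are folded to slashes because
    browsers do that in the authority position (/\\host.example == //host.example).
    """
    normalised = unquote(target).strip().replace("\\", "/")
    parts = urlsplit(normalised)
    if parts.scheme or parts.netloc:        # https://..., javascript:..., //host
        return True
    return normalised.startswith("//")


def safe_next_page(value, default: str = DEFAULT_PAGE) -> str:
    """Return `value` if it is a same-application path, else `default`.

    Use the return value (never the raw parameter) when building the
    Location header.
    """
    if not value:
        return default
    if is_external(value):
        return default
    path = unquote(value).strip().replace("\\", "/")
    if CONTROL_CHARS.search(path):          # blocks header injection via CRLF
        return default
    if not path.startswith(APP_PREFIX):     # stay inside the application
        return default
    return path


# Request-line extractor for Apache/nginx "combined" log format.
REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<url>\S+) HTTP/[\d.]+"')


def find_redirect_attempts(log_lines):
    """Return (line_number, nextPage) for requests matching the vulnerable
    parameter combination whose nextPage points to an external URL.

    Dropping the metodo/nomeClasse checks would broaden this to any external
    nextPage sent to control.php, which is a reasonable hunting variant.
    """
    hits = []
    for number, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group("url"))
        if not url.path.endswith("/controle/control.php"):
            continue
        params = parse_qs(url.query)        # parse_qs percent-decodes once
        if params.get("metodo") != ["listarTodos"]:
            continue
        if params.get("nomeClasse") != ["InternoControle"]:
            continue
        for target in params.get("nextPage", []):
            if is_external(target):
                hits.append((number, target))
    return hits


# Constructed sample log lines (hosts and addresses are made up).
SAMPLE_LOG = [
    '10.0.0.5 - - [27/May/2026:10:00:01 +0000] "GET /WeGIA/controle/control.php?metodo=listarTodos&nomeClasse=InternoControle&nextPage=%2FWeGIA%2Fhtml%2Flista.php HTTP/1.1" 302 0',
    '10.0.0.7 - - [27/May/2026:10:00:05 +0000] "GET /WeGIA/controle/control.php?metodo=listarTodos&nomeClasse=InternoControle&nextPage=https%3A%2F%2Fattacker.example%2Flogin HTTP/1.1" 302 0',
    '10.0.0.9 - - [27/May/2026:10:00:09 +0000] "GET /WeGIA/controle/control.php?metodo=listarTodos&nomeClasse=InternoControle&nextPage=%2F%2Fattacker.example HTTP/1.1" 302 0',
    '10.0.0.4 - - [27/May/2026:10:00:12 +0000] "GET /WeGIA/html/home.php HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for number, target in find_redirect_attempts(SAMPLE_LOG):
        print(f"line {number}: external nextPage {target!r}")
    print("validated:", safe_next_page("https://attacker.example/"))
```

In the sample log only lines 2 and 3 are reported: the first request redirects within the application and the last one never touches control.php. The validator is what a patched handler would call before emitting the redirect; the scanner is what you would run over retained access logs to look for exploitation attempts against an unpatched instance.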