CVE-2025-53934

5.4 MEDIUM

📋 TL;DR

A stored XSS vulnerability in WeGIA's control.php endpoint allows attackers to inject malicious scripts via the descricao_emergencia parameter. These scripts persist on the server and execute automatically when users access affected pages, potentially compromising user sessions and data. Organizations using WeGIA versions before 3.4.5 are affected.

💻 Affected Systems

Products:
  • WeGIA
Versions: All versions prior to 3.4.5
Operating Systems: Any OS running WeGIA
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all deployments with the vulnerable control.php endpoint accessible.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could steal administrator credentials, hijack user sessions, deface websites, or redirect users to malicious sites, potentially leading to complete system compromise.

🟠

Likely Case

Session hijacking, credential theft, and unauthorized actions performed on behalf of authenticated users.

🟢

If Mitigated

Limited to minor data leakage or temporary disruption if proper input validation and output encoding are implemented.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires access to the vulnerable parameter but is technically simple once access is obtained.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.4.5

Vendor Advisory: https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-gqwp-637v-v49v

Restart Required: No

Instructions:

1. Back up your WeGIA installation and database.
2. Download WeGIA version 3.4.5 from the official repository.
3. Replace the existing installation with the new version.
4. Verify that control.php now properly sanitizes the descricao_emergencia parameter.

🔧 Temporary Workarounds

Input Validation Filter

all

Implement server-side input validation to sanitize the descricao_emergencia parameter before processing.

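Modify control.php to add: $descricao_emergencia = htmlspecialchars($_POST['descricao_emergencia'] ?? '', ENT_QUOTES, 'UTF-8');

This encodes only values submitted after the change. Descriptions already stored remain unencoded, so apply the same htmlspecialchars() call wherever the stored value is rendered.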

🧯 If You Can't Patch

  • Implement a Web Application Firewall (WAF) with XSS protection rules.
  • Restrict access to the control.php endpoint to trusted users only.

🔍 How to Verify

Check if Vulnerable:

Test if unsanitized HTML/JavaScript in the descricao_emergencia parameter persists and executes when the page is reloaded.

Check Version:

Check the WeGIA version in the application's admin panel or configuration files.

Verify Fix Applied:

Attempt to inject script tags via descricao_emergencia and verify they are properly encoded/blocked.

📡 Detection & Monitoring

Log Indicators:

  • Unusual POST requests to control.php with script tags or JavaScript in parameters.
  • Multiple failed attempts to access control.php with malicious payloads.

Network Indicators:

  • HTTP requests containing <script> tags or JavaScript code in the descricao_emergencia parameter.

SIEM Query:

source="web_server" AND (url="*control.php*" AND (param="*descricao_emergencia*" AND value="*<script>*"))
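
The SIEM query above matches only a literal <script> string, so it misses values that arrive URL-encoded. The following Python is an added example, not part of the original advisory or of WeGIA: it decodes descricao_emergencia before testing for markup. The "METHOD PATH FORM_BODY" log layout, the /control.php path and the sample records are constructed assumptions; adapt the parsing to whatever source captures POST bodies in your environment.

```python
import re
from urllib.parse import parse_qs, unquote_plus

PARAM = "descricao_emergencia"
# An HTML tag opening or a javascript: URI, tested after decoding.
MARKUP = re.compile(r"</?[a-z!]|javascript\s*:", re.IGNORECASE)

# Constructed sample records in an assumed "METHOD PATH FORM_BODY" layout.
SAMPLE_LOG = [
    "POST /control.php descricao_emergencia=Queda+de+energia+no+bloco+B",
    "POST /control.php descricao_emergencia=%3Cscript%3Ex%3C%2Fscript%3E",
    "POST /control.php descricao_emergencia=%253Cscript%253Ex%253C%252Fscript%253E",
    "POST /control.php descricao_emergencia=Temperatura+%3C+10+graus",
    "GET /index.php -",
]


def normalize(value, max_rounds=3):
    """Undo repeated URL-encoding so encoded markup is inspected in plain form."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_requests(lines):
    """Return (line_number, decoded_value) for control.php POSTs carrying markup."""
    hits = []
    for number, line in enumerate(lines, start=1):
        parts = line.split(" ", 2)
        if len(parts) != 3:
            continue
        method, path, body = parts
        if method != "POST" or not path.split("?")[0].endswith("control.php"):
            continue
        for raw in parse_qs(body, keep_blank_values=True).get(PARAM, []):
            value = normalize(raw)
            if MARKUP.search(value):
                hits.append((number, value))
    return hits


if __name__ == "__main__":
    for number, value in suspicious_requests(SAMPLE_LOG):
        print(f"line {number}: {PARAM} contains markup: {value!r}")
```

The fourth sample record contains a bare "<" in ordinary text and is not flagged, because the pattern requires a tag name directly after the bracket.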
