CVE-2025-53821

MEDIUM WAF: Medium

CVSS 6.1 Published: 2025-07-14

CWE-601

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the `nextPage` parameter, leading to an uncontrolled redirection. Version 3.4.5 contains a fix for the issue.

WAF Coverage Analysis

Open Redirect Medium WAF Coverage

OWASP: A01:2021 Broken Access Control

941xxx - XSS / XXE

Affected Software

Vendor	Product	Version
wegia	wegia	up to 3.4.5

References

github.com (Exploit, Vendor Advisory)

Back to CVE Database