Vulnerabilities

CVE-2026-23724 - WeGIA Stored Cross-Site Scripting (XSS) – atendido_idatendido Parameter on Occur...

2026-01-16 0 views admin

CVE ID : CVE-2026-23724 Published : Jan. 16, 2026, 7:37 p.m. | 40 minutes ago Description : WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the html/atendido/cadastro_ocorrencia.php endpoint of the WeGIA application. The application does not sanitize user-controlled data before rendering it inside the “Atendido” selection dropdown. This vulnerability is fixed in 3.6.2. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-23724

Published

Jan. 16, 2026

Affected Product: php

Impact: XSS

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-23724php

CVE-2026-23724 - WeGIA Stored Cross-Site Scripting (XSS) – atendido_idatendido Parameter on Occur...

CVE Details

🏷️ Tags

More from Vulnerabilities

CVE-2026-23634 - Pepr Overly Permissive RBAC ClusterRole in Admin Mode

CVE-2025-69581 - Chamillo LMS Information Disclosure Vulnerability

CVE-2019-25297 - Poll, Survey & Quiz Maker Plugin by Opinion Stage < 19.6.25 Stored XSS

CVE-2026-23643 - CakePHP PaginatorHelper::limitControl() vulnerable to reflected cross-site-scrip...

Trending

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

Tech: Data is the only moat

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

Tech: AWS European Sovereign Cloud

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3