XSS in Labredescefetrj Wegia

CVE-2026-35399

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, a stored XSS vulnerability allows an attacker to inject malicious scripts through a backup filename. This could lead to unauthorized execution of malicious code in the vic…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (5.0th percentile) — read the EPSS interpretation.