Open Redirect in Labredescefetrj Wegia

CVE-2026-35472

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combin…

Vulnerability class: Open Redirect

EPSS: 0.000 (2.7th percentile) — read the EPSS interpretation.

Affected products

Labredescefetrj Wegia — versions < 3.6.9

Weakness classification (CWE)

CWE-601 — URL Redirection to Untrusted Site (Open Redirect)

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-h8wm-6xhv-r547 (x_refsource_CONFIRM)