Information disclosure in Labredescefetrj Wegia
CVE-2026-42873
WeGIA is a web manager for charitable institutions. In versions prior to 3.6.10, when attempting to upload a file with malicious content to funcionario/docdependente_upload.php, the application responds with an overly descriptive error mes…
Vulnerability class: Information Disclosure
EPSS: 0.000 (9.7th percentile) — read the EPSS interpretation.
Affected products
- Labredescefetrj Wegia — versions < 3.6.10
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)