Unrated severityNVD Advisory· Published Oct 2, 2025· Updated Oct 3, 2025
WeGIA: Open Redirect Vulnerability in `control.php` endpoint
CVE-2025-61606
Description
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an Open Redirect vulnerability, identified in the control.php endpoint, specifically in the nextPage parameter (metodo=listarUmnomeClasse=FuncionarioControle). This vulnerability allows attackers to redirect users to arbitrary external domains, enabling phishing campaigns, malicious payload distribution, or user credential theft. This issue is fixed in version 3.5.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 3.5.0
Patches
Vulnerability mechanics
References
2- github.com/LabRedesCefetRJ/WeGIA/commit/85051ad14b1e7fa14116e74a90c0bd5480b2ec84mitrex_refsource_MISC
- github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-m64v-hm7q-33wrmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.