CVE-2026-40286 | LabRedesCefetRJ WeGIA up to 3.6.9 Member Name cross site scripting (GHSA-42rc-rvrx-cmmw)

Inserito da Angelo Barbosa | Apr 17, 2026 | CVE

A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.6.9. It has been classified as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Member Name leads to cross site scripting.

This vulnerability is traded as CVE-2026-40286. It is possible to initiate the attack remotely. There is no exploit available.

Upgrading the affected component is recommended.

CVE-2026-40286 | LabRedesCefetRJ WeGIA up to 3.6.9 Member Name cross site scripting (GHSA-42rc-rvrx-cmmw)

Post correlati

CVE-2026-34533 | InternationalColorConsortium iccDEV 2.3.1.1/2.3.1.2/2.3.1.3/2.3.1.4/2.3.1.5 ICC ApplySequence reliance on undefined, unspecified, or implementation-defined behavior (ID 664)

CVE-2024-37180 | SAP NetWeaver Application Server for ABAP and ABAP Platform information disclosure

CVE-2024-40633 | Sylius up to 1.12.18/1.13.3 on Symfony {id} information disclosure

CVE-2025-9629 | USS Upyun Plugin up to 1.5.0 on WordPress uss_setting_page cross-site request forgery