CVE-2025-22132 | nilsonLazarin WeGIA up to 3.2.6 File Upload controla_xlsx.php cross site scripting (GHSA-h8hr-jhcx-fcv9)

Posted by Angelo Barbosa | Jan 8, 2025 | CVE

A vulnerability classified as problematic was found in nilsonLazarin WeGIA up to 3.2.6. This vulnerability affects unknown code of the file WeGIA/html/socio/sistema/controller/controla_xlsx.php of the component File Upload. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2025-22132. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-22132 | nilsonLazarin WeGIA up to 3.2.6 File Upload controla_xlsx.php cross site scripting (GHSA-h8hr-jhcx-fcv9)

Related Posts

CVE-2024-55626 | OISF Suricata up to 7.0.7 BPF Filter File integer overflow to buffer overflow

CVE-2024-10571 | Chartify Plugin up to 2.9.5 on WordPress source file inclusion

CVE-2024-50311 | graphql Batching denial of service

CVE-2024-37673 | Tessi Docubase Document Management 5.x filename cross site scripting