CVE-2026-33135

WeGIA Project · WeGIA

WeGIA versions 3.6.6 and below are vulnerable to Reflected Cross-Site Scripting (XSS) in the novo_memorandoo.php endpoint, allowing arbitrary JavaScript execution in user browsers.

Executive summary

Attackers can execute malicious scripts in the context of a user's session by exploiting a Reflected XSS vulnerability in the WeGIA platform.

Vulnerability

A Reflected Cross-Site Scripting (XSS) vulnerability exists in the sccs GET parameter of the /html/memorando/novo_memorandoo.php endpoint. The application directly reflects the input into an HTML alert div without sanitization, allowing an attacker to inject arbitrary JavaScript.

Business impact

Exploitation of this vulnerability can lead to session hijacking, credential theft (via phishing), and unauthorized actions performed on behalf of the victim. If an administrator is targeted, the attacker could gain full control over the WeGIA management interface. The CVSS score of 9.3 reflects the high potential for account takeover.

Remediation

Immediate Action: Upgrade WeGIA to version 3.6.7 or later to ensure all dynamic success messages are properly encoded before being rendered.

Proactive Monitoring: Monitor web server logs for suspicious URL parameters containing <script> tags, inline JavaScript event handlers, or javascript: URLs, decoding the parameter values first so that percent-encoded (including double-encoded) payloads are not missed.

Compensating Controls: Implement a strong Content Security Policy (CSP) to restrict the execution of inline scripts and prevent the loading of scripts from untrusted domains.
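As an added illustration of the monitoring recommendation above (example code written for this page, not WeGIA's own code and not part of the advisory), the following Python script scans Combined Log Format access-log lines for the novo_memorandoo.php endpoint, percent-decodes every query parameter repeatedly to defeat double encoding, and flags values containing script tags, inline event handlers or javascript: URLs. The log lines are constructed samples; the endpoint path is the one named in this advisory.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed Combined Log Format lines (hypothetical traffic, not real logs).
# Lines 2 and 3 carry markup in the reflected "sccs" parameter (line 3 is
# double-encoded); lines 1 and 4 are benign and must not be flagged.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2026:12:00:01 +0000] "GET /html/memorando/novo_memorandoo.php?sccs=Memorando%20salvo HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2026:12:00:07 +0000] "GET /html/memorando/novo_memorandoo.php?sccs=%3Cscript%3Ex%3C%2Fscript%3E HTTP/1.1" 200 640 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Mar/2026:12:01:13 +0000] "GET /html/memorando/novo_memorandoo.php?sccs=%253Cimg%2520src%253Dx%2520onerror%253Dx%253E HTTP/1.1" 200 650 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Mar/2026:12:02:44 +0000] "GET /html/memorando/novo_memorandoo.php?sccs=ok%20onerror HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

# Client address and the quoted request line of a Combined Log Format entry.
REQUEST_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# Script tags, inline event handlers (onerror=, onload=, ...) and javascript: URLs.
MARKUP_RE = re.compile(r'<\s*script|\bon[a-z]+\s*=|javascript\s*:', re.IGNORECASE)

def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode until the value stops changing, so double encoding is unwrapped."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def scan_log(log_text: str, watched_paths=("/html/memorando/novo_memorandoo.php",)) -> list:
    """Return one finding per query parameter whose decoded value looks like script injection."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a request line we understand; skip rather than crash
        parts = urlsplit(m.group("target"))
        if parts.path not in watched_paths:
            continue
        # parse_qs decodes one layer of percent-encoding; fully_decode handles the rest
        for name, values in parse_qs(parts.query, keep_blank_values=True).items():
            for raw in values:
                decoded = fully_decode(raw)
                hit = MARKUP_RE.search(decoded)
                if hit:
                    findings.append({"client": m.group("client"), "param": name,
                                     "value": decoded, "matched": hit.group(0)})
    return findings

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['client']} param={f['param']} matched={f['matched']!r} value={f['value']!r}")
```

The fourth sample line ("ok onerror", a bare word without an "=") is deliberately left unflagged to show that the pattern keys on handler assignments rather than on the word alone.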

Exploitation status

Public Exploit Available: false

Analyst recommendation

While XSS is often viewed as less severe than RCE, in a management application like WeGIA, it can lead directly to administrative compromise. Apply the 3.6.7 patch immediately and educate users on the risks of clicking untrusted links.