CVE-2026-33136

WeGIA Project · WeGIA

A Reflected XSS vulnerability in WeGIA's listar_memorandos_ativos.php endpoint allows attackers to inject malicious JavaScript via the sccd GET parameter.

Executive summary

Malicious scripts can be executed in a user's browser via a Reflected XSS vulnerability in the WeGIA active memorandum listing endpoint.

Vulnerability

This is a Reflected Cross-Site Scripting (XSS) vulnerability in the sccd GET parameter of the /html/memorando/listar_memorandos_ativos.php script. The value of sccd is neither validated nor HTML-encoded before it is reflected into an alert component on the page, so a crafted link carrying HTML or JavaScript in that parameter executes in the browser of any user who opens it, within the origin of the WeGIA instance.
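As an added illustration, not WeGIA's own code, the vulnerable pattern the advisory describes next to the kind of output encoding that fixes it. Function names, the alert markup and the allowlist keys and messages are assumptions; the only fact taken from the advisory is that the raw sccd value reaches an HTML alert.

```php
<?php
// Added illustration, not WeGIA's code: raw request data concatenated into an
// HTML alert (vulnerable) next to its hardened form.
// Assumed: the page shows $_GET['sccd'] inside a Bootstrap-style alert div.

declare(strict_types=1);

// VULNERABLE: the parameter is interpolated into markup unchanged, so
// ?sccd=<img src=x onerror=alert(document.cookie)> becomes live HTML.
function renderAlertVulnerable(string $sccd): string
{
    return '<div class="alert alert-info">' . $sccd . '</div>';
}

// FIXED: encode for the HTML body context before reflecting. ENT_QUOTES also
// encodes ' and ", which matters if the value ever lands inside an attribute;
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function encodeForHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

function renderAlertSafe(string $sccd): string
{
    return '<div class="alert alert-info">' . encodeForHtml($sccd) . '</div>';
}

// STRICTER: if the parameter is really a status flag, map it through an
// allowlist and never echo the raw value at all. Keys and messages are assumed.
function renderAlertAllowlisted(string $sccd): string
{
    $messages = [
        'sucesso' => 'Memorando salvo com sucesso.',
        'erro'    => 'Ocorreu um erro ao processar o memorando.',
    ];
    $text = $messages[$sccd] ?? 'Operação concluída.';
    return '<div class="alert alert-info">' . encodeForHtml($text) . '</div>';
}

// Demonstration with a constructed payload (run from the CLI: php example.php).
// In the real page the value would come from $_GET['sccd'] ?? ''.
if (PHP_SAPI === 'cli') {
    $payload = '<img src=x onerror=alert(document.cookie)>';
    echo 'vulnerable: ', renderAlertVulnerable($payload), PHP_EOL;
    echo 'safe:       ', renderAlertSafe($payload), PHP_EOL;
    echo 'allowlist:  ', renderAlertAllowlisted($payload), PHP_EOL;
}
```

The encoding must match the context the value lands in: htmlspecialchars is correct for an HTML text node or a quoted attribute, but a value placed inside a script block or a URL needs JavaScript or URL encoding instead. Where the parameter only ever selects a message, the allowlisted form removes the reflection entirely and is the safer choice.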

Business impact

A successful exploit could allow an attacker to steal session cookies (where the session cookie is not marked HttpOnly), redirect users to malicious websites, perform actions in the application with the victim's session, or capture sensitive information displayed on the page. Because the flaw is reflected, the attacker must get a victim to open a crafted link, typically through phishing; a logged-in administrator is the natural target. Given the CVSS score of 9.3, the risk of administrative account compromise via this vector is significant, potentially leading to unauthorized institutional data access.

Remediation

Immediate Action: Update WeGIA to version 3.6.7 or later. This version contains the necessary output encoding to mitigate XSS risks across the Memorando module.

Proactive Monitoring: Review web logs for requests to listar_memorandos_ativos.php whose sccd value, after URL decoding, contains HTML tags, event-handler attributes (onerror=, onload=) or javascript: URLs. Match on the decoded value rather than the raw log line: payloads are normally percent-encoded in the request line, sometimes twice to evade simple filters.
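An added example of that log review, not part of the advisory or of WeGIA: a PHP 8 command-line script that parses combined-format access-log lines, isolates the sccd parameter, decodes it (including double encoding) and flags XSS markup. The log lines are constructed for the demonstration, and the fourth line's path is a placeholder used only to show that other endpoints are ignored.

```php
<?php
// Added example (not WeGIA code): flag requests to listar_memorandos_ativos.php
// whose sccd parameter carries XSS markup. Assumes Apache/Nginx "combined"
// log format and PHP 8 (str_ends_with). Sample log lines are constructed.

declare(strict_types=1);

// Decode repeatedly (bounded) so a double-encoded payload such as
// %253Cscript%253E is still seen as <script>.
function fullyDecode(string $value, int $maxRounds = 3): string
{
    for ($i = 0; $i < $maxRounds; $i++) {
        $decoded = rawurldecode($value);
        if ($decoded === $value) {
            break;
        }
        $value = $decoded;
    }
    return $value;
}

// Returns the decoded sccd value when the request looks like an XSS attempt,
// null otherwise. The check runs on the decoded value, not the raw line,
// because the payload is normally percent-encoded in the log.
function suspiciousSccd(string $logLine): ?string
{
    if (!preg_match('/"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/', $logLine, $m)) {
        return null;
    }
    $url  = $m[1];
    $path = parse_url($url, PHP_URL_PATH);
    if (!is_string($path) || !str_ends_with($path, '/listar_memorandos_ativos.php')) {
        return null;
    }
    $query = parse_url($url, PHP_URL_QUERY);
    if (!is_string($query)) {
        return null;
    }
    parse_str($query, $params);   // parse_str URL-decodes once
    if (!isset($params['sccd']) || !is_string($params['sccd'])) {
        return null;
    }
    $sccd = fullyDecode($params['sccd']);
    // Tags, event-handler attributes, javascript: URLs and the breakout characters.
    $pattern = '/<\s*\/?\s*[a-z]|\bon[a-z]+\s*=|javascript\s*:|[<>"\']/i';
    return preg_match($pattern, $sccd) === 1 ? $sccd : null;
}

// Scan a list of log lines; returns [['line' => n, 'sccd' => value], ...].
function scanLog(array $lines): array
{
    $hits = [];
    foreach ($lines as $n => $line) {
        $value = suspiciousSccd($line);
        if ($value !== null) {
            $hits[] = ['line' => $n + 1, 'sccd' => $value];
        }
    }
    return $hits;
}

// Constructed sample: a benign request, a single-encoded payload, a
// double-encoded payload, and a payload against a placeholder endpoint (ignored).
$sampleLog = [
    '10.0.0.5 - - [12/Mar/2026:09:14:02 +0000] "GET /html/memorando/listar_memorandos_ativos.php?sccd=ok HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Mar/2026:09:15:41 +0000] "GET /html/memorando/listar_memorandos_ativos.php?sccd=%3Cimg%20src%3Dx%20onerror%3Dalert(document.cookie)%3E HTTP/1.1" 200 5300 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Mar/2026:09:16:03 +0000] "GET /html/memorando/listar_memorandos_ativos.php?sccd=%253Cscript%253Ealert(1)%253C%252Fscript%253E HTTP/1.1" 200 5300 "-" "Mozilla/5.0"',
    '10.0.0.7 - - [12/Mar/2026:09:17:10 +0000] "GET /html/memorando/outra_pagina.php?sccd=%3Cb%3E HTTP/1.1" 200 100 "-" "Mozilla/5.0"',
];

if (PHP_SAPI === 'cli') {
    $lines = $argc > 1 ? file($argv[1], FILE_IGNORE_NEW_LINES) : $sampleLog;
    foreach (scanLog($lines) as $hit) {
        printf("line %d: suspicious sccd=%s\n", $hit['line'], $hit['sccd']);
    }
}
```

Run it as php scan_sccd.php /var/log/apache2/access.log to scan a real log, or with no argument to run over the constructed sample, where the second and third lines are reported and the first and fourth are not. The pattern is deliberately broad (a single < or quote is enough), so expect to triage the hits by hand; a match does not by itself prove exploitation, only that someone sent markup to the endpoint.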

Compensating Controls: Until the update is applied, deploy a Web Application Firewall (WAF) to detect and block common XSS attack patterns in HTTP GET requests. Treat this as a stopgap only: signature-based XSS rules are routinely bypassed with encoding and markup variations, and the durable fix is the output encoding in the patched version.

Exploitation status

Public Exploit Available: false

Analyst recommendation

The recurrence of XSS vulnerabilities in multiple endpoints suggests a systemic lack of input validation and output encoding. Administrators should apply the 3.6.7 update immediately and consider a comprehensive security code review of the entire WeGIA application, with attention to every place request data is echoed into HTML, to identify other similar flaws.