published date: July 14, 2025

CVE-2025-53821 : WeGIA is an open...

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the `nextPage` parameter, leading to an uncontrolled redirection. Version 3.4.5 contains a fix for the issue.

CVSS:4.7 [Critical]
EPSS:0.03%
Exploitability:2.8
In KEV:No

Question to Ask Vendors:

Can you confirm whether your systems are affected by CVE-2025-53821, and if so, what steps are you currently taking to mitigate this vulnerability?
What is your estimated timeline for fully resolving CVE-2025-53821 in your products or services, and how will you communicate updates on this issue to us as your customer?

Recommended Actions:

Check out the advisory links provided below.

References:

http://webappsec.pbworks.com/URL-Redirector-Abuse
https://capec.mitre.org/data/definitions/178.html
https://nvd.nist.gov/vuln/detail/CVE-2025-53821

READY TO GET RESULTS YOU CAN TRUST?

Get a Demo Contact Sales