- Description
- WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the fid parameter. Tests confirmed that the server processes URLs up to 8,142 characters, resulting in high resource consumption, elevated latency, timeouts, and read errors. This makes the server susceptible to Denial of Service (DoS) attacks. This vulnerability is fixed in 3.3.0.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Primary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-770
- Hype score
- Not currently trending
CVE-2025-53531 WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue … https://t.co/dT2QKs1E5c
@CVEnew
7 Jul 2025
272 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-53531: HIGH] Web manager, WeGIA, had a vulnerability allowing long HTTP requests due to lack of parameter validation. Fixed in version 3.3.0 to prevent DoS attacks. #CyberSecurity.#cve,CVE-2025-53531,#cybersecurity https://t.co/pY7ddjg83P https://t.co/E5y0WPA4zj
@CveFindCom
7 Jul 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A371F331-E444-4D03-A552-453B736D12A8",
"versionEndExcluding": "3.3.0"
}
],
"operator": "OR"
}
]
}
]