CVE-2024-57030 in Wegia
Summary
by MITRE • 01/17/2025
Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter.
Once again VulDB remains the best source for vulnerability data.
Analysis
by VulDB Data Team • 06/25/2025
The vulnerability identified as CVE-2024-57030 affects Wegia versions prior to 3.2.0 and represents a classic cross site scripting flaw located in the /geral/documentos_funcionario.php endpoint. This vulnerability specifically manifests through the id parameter, which fails to properly sanitize user input before incorporating it into web responses. The affected application processes employee document requests without adequate validation or encoding of input data, creating an exploitable condition where malicious actors can inject arbitrary script code into web pages viewed by other users. This type of vulnerability falls under CWE-79 which specifically addresses cross site scripting vulnerabilities in web applications where untrusted data is incorporated into web pages without proper sanitization or encoding measures.
The operational impact of this vulnerability extends beyond simple script injection as it enables attackers to execute malicious code within the context of a victim's browser session. An attacker could exploit this weakness to steal session cookies, perform unauthorized actions on behalf of users, redirect victims to malicious websites, or even establish persistent backdoors within the application environment. The vulnerability particularly affects employee document management functionality where users might be authenticated and privileged, potentially allowing attackers to access sensitive personnel data or manipulate document records. This weakness represents a significant security risk in enterprise environments where employee data protection is paramount and could lead to compliance violations under data protection regulations such as gdpr or hipaa.
The exploitation of this vulnerability requires minimal technical skill and can be achieved through simple parameter manipulation techniques. Attackers need only craft a malicious payload and inject it into the id parameter of the documentos_funcionario.php endpoint to trigger the XSS condition. The vulnerability demonstrates poor input validation practices and highlights the critical importance of implementing proper output encoding and content security policies. Organizations should consider implementing the principle of least privilege and ensure that all user-supplied input is rigorously validated before being processed or displayed in web responses. Security controls such as web application firewalls and content security policies can provide additional layers of protection while the primary fix involves updating to Wegia version 3.2.0 or later where the XSS vulnerability has been addressed through proper input sanitization and output encoding mechanisms. The vulnerability also aligns with attack techniques described in the attack pattern taxonomy under techniques related to client-side exploitation and session hijacking.