{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-23723", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2026-01-15T15:45:01.955Z", "datePublished": "2026-01-16T19:27:26.790Z", "dateUpdated": "2026-01-16T21:36:57.181Z"}, "containers": {"cna": {"title": "WeGIA has a Critical SQL Injection in Atendido_ocorrenciaControle via id_memorando parameter", "problemTypes": [{"descriptions": [{"cweId": "CWE-89", "lang": "en", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xfmp-2hf9-gfjp", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xfmp-2hf9-gfjp"}, {"name": "https://github.com/LabRedesCefetRJ/WeGIA/pull/1333", "tags": ["x_refsource_MISC"], "url": "https://github.com/LabRedesCefetRJ/WeGIA/pull/1333"}, {"name": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2", "tags": ["x_refsource_MISC"], "url": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2"}], "affected": [{"vendor": "LabRedesCefetRJ", "product": "WeGIA", "versions": [{"version": "< 3.6.2", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-16T19:27:26.790Z"}, "descriptions": [{"lang": "en", "value": "WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an authenticated SQL Injection vulnerability was identified in the Atendido_ocorrenciaControle endpoint via the id_memorando parameter. This flaw allows for full database exfiltration, exposure of sensitive PII, and potential arbitrary file reads in misconfigured environments. This vulnerability is fixed in 3.6.2."}], "source": {"advisory": "GHSA-xfmp-2hf9-gfjp", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-16T21:36:43.337043Z", "id": "CVE-2026-23723", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T21:36:57.181Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-23723", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-16T21:36:43.337043Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-16T21:36:52.331Z"}}], "cna": {"title": "WeGIA has a Critical SQL Injection in Atendido_ocorrenciaControle via id_memorando parameter", "source": {"advisory": "GHSA-xfmp-2hf9-gfjp", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "LabRedesCefetRJ", "product": "WeGIA", "versions": [{"status": "affected", "version": "< 3.6.2"}]}], "references": [{"url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xfmp-2hf9-gfjp", "name": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xfmp-2hf9-gfjp", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/LabRedesCefetRJ/WeGIA/pull/1333", "name": "https://github.com/LabRedesCefetRJ/WeGIA/pull/1333", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2", "name": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an authenticated SQL Injection vulnerability was identified in the Atendido_ocorrenciaControle endpoint via the id_memorando parameter. This flaw allows for full database exfiltration, exposure of sensitive PII, and potential arbitrary file reads in misconfigured environments. This vulnerability is fixed in 3.6.2."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2026-01-16T19:27:26.790Z"}}}, "cveMetadata": {"cveId": "CVE-2026-23723", "state": "PUBLISHED", "dateUpdated": "2026-01-16T21:36:57.181Z", "dateReserved": "2026-01-15T15:45:01.955Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2026-01-16T19:27:26.790Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*", "matchCriteriaId": "419B3A85-5754-4198-A73E-92A9DA8E7A68", "versionEndExcluding": "3.6.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an authenticated SQL Injection vulnerability was identified in the Atendido_ocorrenciaControle endpoint via the id_memorando parameter. This flaw allows for full database exfiltration, exposure of sensitive PII, and potential arbitrary file reads in misconfigured environments. This vulnerability is fixed in 3.6.2."}], "id": "CVE-2026-23723", "lastModified": "2026-01-30T18:28:51.853", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2026-01-16T20:15:50.163", "references": [{"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/LabRedesCefetRJ/WeGIA/pull/1333"}, {"source": "security-advisories@github.com", "tags": ["Release Notes"], "url": "https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xfmp-2hf9-gfjp"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-89"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-18T05:42:04.092730+00:00", "value": {"mitigation_remediation": ["Upgrade WeGIA to version 3.6.2 or later to apply the vendor\u2011supplied fix.", "Review and enforce least\u2011privilege database permissions so the application interacts with the database using the minimal privileges required.", "Implement logging and monitoring of the Atendido_ocorrenciaControle endpoint, and consider adding a web application firewall rule to block malformed id_memorando parameters to deter injection attempts."], "summary": {"action": "Immediate Patch", "impact": "SQL Injection allowing full database exfiltration and exposure of sensitive PII"}, "threat_synthesis": {"affected_systems": "The vulnerability affects installations of WeGIA prior to version 3.6.2. The application is developed and distributed by LabRedesCefetRJ. Versions older than 3.6.2 are unpatched; the fix is included in release 3.6.2 and later.", "description_and_impact": "An authenticated SQL Injection flaw exists in the Atendido_ocorrenciaControle endpoint of the WeGIA web manager, triggered via the id_memorando parameter. Because the attacker can insert arbitrary SQL, the flaw permits full database exfiltration, sensitive personal data exposure, and, in misconfigured setups, arbitrary file reads. The weakness is a classic injection error (CWE\u201189).", "risk_and_exploitability": "The CVSS score of 7.2 indicates a high severity level, while the EPSS score of <1% suggests a low but non-zero probability of exploitation at this time. The vulnerability is not listed in the CISA KEV catalog. Attackers would need authenticated access to the application, likely by compromising legitimate user credentials, to supply malicious id_memorando values. Once active, the injection can lead to full data exfiltration or file reads if misconfigured database permissions exist."}}}}, "created": "2026-01-19T09:20:18.928973+00:00", "updated": "2026-04-18T05:45:38.176860+00:00", "vendors": ["wegia", "wegia$PRODUCT$wegia"]}