Vulnerability Details

Vulnerability Type: Open Redirect
Severity: Moderate (CVSS v4.0 Score: 4.8/10)
Affected Versions: <= 3.6.1
Patched Version: 3.6.2

Summary

An Open Redirect vulnerability was identified in the endpoint of the WeGIA application. The vulnerability is triggered via the parameter when combined with and .

Impact

- Redirect users to phishing pages designed to steal credentials.
- Redirect users to malicious sites hosting malware or dangerous content.
- Perform social engineering attacks using trusted URLs from the WeGIA domain.
- Potentially interfere with authentication or session-handling flows.
- Damage user trust in the WeGIA platform.

Proof of Concept (PoC)

Request

Behavior

The server accepts the crafted request and redirects the victim to instead of restricting navigation to the application's own domain.

Recommendation

- Implement strict allowlist validation for redirect parameters (only allow internal pages under the same domain).
- If redirection is required, enforce the use of relative paths, such as or , instead of absolute external URLs.
- Encode, sanitize, and validate all user-supplied input before processing redirects.
- Consider adding a confirmation page warning users before leaving the trusted domain.
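The following is an added example of the allowlist-plus-relative-path validation the recommendation describes; it is not WeGIA's code and not part of the advisory. The host name `wegia.example.org`, the fallback target `/home.php`, and the function name `safe_redirect_target` are constructed for illustration. It accepts a user-supplied redirect value only if it is a same-origin relative path or an absolute URL to an allowlisted host (which is then rewritten to a relative path), and falls back to a fixed internal page for anything else, including the scheme-relative (`//host`), backslash (`/\host`), userinfo (`host@evil`) and control-character forms that commonly bypass naive checks.

```python
from urllib.parse import urlsplit, urlunsplit

# Hypothetical allowlist of hosts the application is served from
# (constructed values, not taken from the advisory).
ALLOWED_HOSTS = {"wegia.example.org"}
# Hypothetical internal page used whenever the supplied target is rejected.
DEFAULT_TARGET = "/home.php"


def safe_redirect_target(user_value, allowed_hosts=ALLOWED_HOSTS, default=DEFAULT_TARGET):
    """Return a redirect target that stays on the application's own origin.

    Anything that cannot be proven safe is replaced by `default` rather than
    being passed through; the returned value never names an external host.
    """
    if not isinstance(user_value, str) or not user_value.strip():
        return default
    value = user_value.strip()

    # Control characters and DEL: browsers strip some of them when parsing,
    # so "java\tscript:" could survive a naive prefix check. Reject outright.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in value):
        return default

    # Browsers treat "\" as "/" in URLs, so "/\evil.example" becomes
    # "//evil.example" (scheme-relative) once rendered. Reject any backslash.
    if "\\" in value:
        return default

    parts = urlsplit(value)

    if parts.scheme or parts.netloc:
        # Absolute or scheme-relative URL. Only http(s) to an allowlisted host
        # is accepted; "//evil.example" has an empty scheme and is rejected here.
        if parts.scheme.lower() not in ("http", "https"):
            return default
        # urlsplit exposes the real host even when userinfo is present, so
        # "https://wegia.example.org@evil.example/" yields "evil.example".
        host = parts.hostname
        if host is None or host.lower() not in allowed_hosts:
            return default
        # Normalise to a relative path so the Location header never carries a host.
        path = parts.path or "/"
        return urlunsplit(("", "", path, parts.query, parts.fragment))

    # Relative target: must begin with exactly one "/" (a double slash is
    # scheme-relative and would leave the origin).
    if not value.startswith("/") or value.startswith("//"):
        return default
    return value
```

In a PHP application the same checks would sit in front of the `header("Location: ...")` call; the point is that the validated value, not the raw parameter, is what reaches the response.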