CVE: 2026-23722 January 18, 2026 New year…new vulnerabilities. Reflected Cross-Site Scripting (XSS) vulnerability was discovered this year in the WeGIA system (Web Manager for Charitable Institutions). You will find my own research at cves.