CVE-2025-67502

Taguette is an open source qualitative research tool. In versions 1.5.1 and below, attackers can craft malicious URLs that redirect users to arbitrary external websites after authentication. The application accepts a user-controlled next parameter and uses it directly in HTTP redirects without any validation. This can be exploited for phishing attacks where victims believe they are interacting with a trusted Taguette instance but are redirected to a malicious site designed to steal credentials or deliver malware. This issue is fixed in version 1.5.2.

CVSS v3 5.4 MEDIUM

5.4^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/remram44/taguette/commit/67de2d2612e7e2572c61cd9627f89c2bfd0f2a36	Patch
https://github.com/remram44/taguette/security/advisories/GHSA-5923-r76v-mprm	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:taguette:taguette:*:*:*:*:*:*:*:*

History

16 Dec 2025, 15:11

Type	Values Removed	Values Added
References	~~() https://github.com/remram44/taguette/commit/67de2d2612e7e2572c61cd9627f89c2bfd0f2a36 -~~	() https://github.com/remram44/taguette/commit/67de2d2612e7e2572c61cd9627f89c2bfd0f2a36 - Patch
References	~~() https://github.com/remram44/taguette/security/advisories/GHSA-5923-r76v-mprm -~~	() https://github.com/remram44/taguette/security/advisories/GHSA-5923-r76v-mprm - Exploit, Third Party Advisory
CPE		cpe:2.3:a:taguette:taguette::::::::
First Time		Taguette taguette Taguette

10 Dec 2025, 00:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-10 00:16

Updated : 2025-12-16 15:11

NVD link : CVE-2025-67502

Mitre link : CVE-2025-67502

CVE.ORG link : CVE-2025-67502

JSON object : View

Products Affected

taguette

taguette

CWE

CWE-601

URL Redirection to Untrusted Site ('Open Redirect')

{"id": "CVE-2025-67502", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.1, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.8}]}, "published": "2025-12-10T00:16:11.600", "references": [{"url": "https://github.com/remram44/taguette/commit/67de2d2612e7e2572c61cd9627f89c2bfd0f2a36", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/remram44/taguette/security/advisories/GHSA-5923-r76v-mprm", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-601"}]}], "descriptions": [{"lang": "en", "value": "Taguette is an open source qualitative research tool. In versions 1.5.1 and below, attackers can craft malicious URLs that redirect users to arbitrary external websites after authentication. The application accepts a user-controlled next parameter and uses it directly in HTTP redirects without any validation. This can be exploited for phishing attacks where victims believe they are interacting with a trusted Taguette instance but are redirected to a malicious site designed to steal credentials or deliver malware. This issue is fixed in version 1.5.2."}], "lastModified": "2025-12-16T15:11:43.103", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:taguette:taguette:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39254E2C-C17C-46A8-AF9E-1516E0817994", "versionEndExcluding": "1.5.2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}