CVE-2025-67502
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-10

Last updated on: 2025-12-16

Assigner: GitHub, Inc.

Description
Taguette is an open source qualitative research tool. In versions 1.5.1 and below, attackers can craft malicious URLs that redirect users to arbitrary external websites after authentication. The application accepts a user-controlled next parameter and uses it directly in HTTP redirects without any validation. This can be exploited for phishing attacks where victims believe they are interacting with a trusted Taguette instance but are redirected to a malicious site designed to steal credentials or deliver malware. This issue is fixed in version 1.5.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-10
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-10
EPSS Evaluated
2026-06-14
NVD
CVE-2025-67502
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
taguette taguette to 1.5.2 (inc)
taguette taguette 1.5.2
taguette taguette 1.5.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

This vulnerability can lead to phishing attacks, credential theft, and malware distribution by redirecting users to malicious external sites after authentication. Such security incidents can result in unauthorized access to personal or sensitive data, potentially violating data protection regulations like GDPR and HIPAA that require safeguarding user data and ensuring secure authentication processes. Therefore, the presence of this vulnerability may negatively impact compliance with these standards by increasing the risk of data breaches and unauthorized data exposure. [2]

Detection Guidance

This vulnerability can be detected by monitoring HTTP requests to the Taguette instance for URLs containing the 'next' parameter with external domains. For example, you can use network traffic inspection tools or web server logs to search for requests where the 'next' parameter points to an external URL. A simple command to search web server logs for such patterns could be: grep -E 'next=https?://[^/]' access.log. Additionally, you can test manually by attempting to access URLs like https://[your-taguette-instance]/login?next=https://malicious-site.com and observe if the redirect occurs after login or cookie acceptance. Detecting redirects to external sites after login or cookie acceptance indicates the presence of the vulnerability. [2]

Executive Summary

This vulnerability in Taguette versions 1.5.1 and below allows attackers to create malicious URLs that redirect users to arbitrary external websites after they authenticate. The application uses a user-controlled 'next' parameter directly in HTTP redirects without validating it, enabling attackers to perform phishing attacks by redirecting victims from a trusted Taguette instance to malicious sites designed to steal credentials or deliver malware.

Impact Analysis

This vulnerability can lead to phishing attacks where users believe they are interacting with a legitimate Taguette instance but are redirected to malicious websites. This can result in stolen credentials or malware infections, potentially compromising user accounts and system security.

Mitigation Strategies

Upgrade Taguette to version 1.5.2 or later, as this version contains the fix for the vulnerability involving unvalidated redirects via the next parameter.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67502. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart