CVE-2025-62527
HIGHDescription
Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for an attacker to request password reset email containing a malicious link, allowing the attacker to set the email if clicked by the victim. This issue has been patched in version 1.5.0.
Is your site exposed to CVE-2025-62527?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| taguette | taguette |
References
Frequently Asked Questions
What is CVE-2025-62527? +
How severe is CVE-2025-62527? +
What products are affected by CVE-2025-62527? +
How do I check if I'm vulnerable to CVE-2025-62527? +
Related Vulnerabilities
Via the GUI of the "bestinformed Infoclient", a low-privileged user is by default able to change the server address of …
For TCAS II systems using transponders compliant with MOPS earlier than RTCA DO-181F, an attacker can impersonate a ground station …
HAX CMS helps manage microsite universe with PHP or NodeJs backends. The PHP version of HAX CMS prior to version …
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system.
Socket Firewall is an HTTP/HTTPS proxy server that intercepts package manager requests and enforces security policies by blocking dangerous packages. …
Post-authenticated external control of system web interface configuration setting vulnerability in Danfoss AK-SM8xxA Series prior to 4.3.1, which could allow …