7.1
CVE-2025-62527
- EPSS 0.05%
- Veröffentlicht 20.10.2025 20:03:29
- Zuletzt bearbeitet 30.10.2025 17:00:06
- Quelle security-advisories@github.com
- CVE-Watchlists
- Unerledigt
LoginTaguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for an attacker to request password reset email containing a malicious link, allowing the attacker to set the email if clicked by the victim. This issue has been patched in version 1.5.0.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.05% | 0.15 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| security-advisories@github.com | 7.1 | 2.8 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
|
CWE-15 External Control of System or Configuration Setting
One or more system settings or configuration elements can be externally controlled by a user.