CVE-2021-39362

Name of the Vulnerable Software and Affected Versions ReCaptcha Solver version 5.7

Description A security issue was discovered in ReCaptcha Solver, related to the handling of responses from certain servers, including Anti-Captcha.com, RuCaptcha.com, 2captcha.com, DEATHbyCAPTCHA.com, ImageTyperz.com, and BestCaptchaSolver.com. The setCaptchaCode() function inserts these responses into the DOM as HTML, allowing for full control over the user's browser. This issue is associated with a lack of protection for the web page structure, potentially enabling a remote attacker to gain control over the browser.

Recommendations For ReCaptcha Solver version 5.7, consider disabling the setCaptchaCode() function until a patch is available to prevent the insertion of potentially malicious HTML into the DOM. Restrict access to the DOM to minimize the risk of exploitation. Avoid using the responses from the mentioned servers in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.