PT-2025-50295 · Taguette · Taguette
Published: 2025-12-09 · Updated: 2025-12-10 · CVE-2025-67502
CVSS v3.1: 6.1 Medium
Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions
Taguette versions prior to 1.5.2
Description
Taguette is a qualitative research tool susceptible to an open redirect issue. Attackers can create malicious URLs that redirect authenticated users to arbitrary external websites. The application utilizes a user-controlled `next` parameter in HTTP redirects without proper validation, enabling potential phishing attacks. Victims may be deceived into believing they are interacting with a legitimate Taguette instance while being redirected to a malicious site designed to steal credentials or deliver malware.
Recommendations
Update to Taguette version 1.5.2 or later.
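For code that handles a `next` redirect parameter of the kind described above, one way to validate it before redirecting is sketched below. This is an added example, not Taguette's code or the change made in 1.5.2; the function names, the default target and the sample values are hypothetical.

```python
from urllib.parse import urlsplit

DEFAULT_TARGET = "/"  # assumed post-login landing page (hypothetical)


def unsafe_next(next_value, default=DEFAULT_TARGET):
    """Pattern the advisory describes: the parameter is redirected to as-is."""
    return next_value or default


def safe_next(next_value, default=DEFAULT_TARGET):
    """Return next_value only if it is a path on this site, else default."""
    if not next_value:
        return default
    # Browsers treat "\" like "/" and drop tabs/newlines inside URLs, so a
    # value containing them can parse as local here but resolve off-site.
    if "\\" in next_value or any(ord(c) < 0x20 or ord(c) == 0x7F for c in next_value):
        return default
    # Require a rooted path; "//host/..." is a scheme-relative URL.
    if not next_value.startswith("/") or next_value.startswith("//"):
        return default
    parts = urlsplit(next_value)
    if parts.scheme or parts.netloc:
        return default
    return next_value


# Constructed sample values for the next parameter (not from the advisory).
SAMPLES = [
    "/project/1",
    "/project/1?ref=https://other.example/",
    "https://other.example/login",
    "//other.example/login",
    "/\\other.example/login",
    "/\t/other.example/login",
]


def compare(samples=SAMPLES):
    """Map each sample to (unvalidated target, validated target)."""
    return {s: (unsafe_next(s), safe_next(s)) for s in samples}


if __name__ == "__main__":
    for value, (before, after) in compare().items():
        print(f"{value!r}: unvalidated -> {before!r}, validated -> {after!r}")
```

Falling back to a fixed local page, rather than returning an error, keeps the login flow working when the parameter is rejected.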
Exploit
Fix
Open Redirect
Weakness Enumeration
Related Identifiers
Affected Products
Taguette