Taguette Password Reset Link Poisoning Vulnerability
Vulnerability
A vulnerability exists in Taguette versions prior to 1.5.0, allowing attackers to manipulate password reset links. By sending a reset request with a malicious Host header, an attacker could direct the link to an arbitrary hostname. If the victim clicked the link, the reset token would be sent to the attacker, enabling them to reset the victim's password. This issue has been addressed in Taguette version 1.5.0.
Impact
Exploitation of this vulnerability allows for password reset link poisoning, where an attacker can intercept reset tokens intended for the victim.
Reproduction
To reproduce this vulnerability, request a password reset while supplying an arbitrary hostname in the Host header. When the victim clicks the link, the reset token is sent to the attacker.
Remediation
Users are advised to upgrade to Taguette version 1.5.0.
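The coding pattern behind this class of bug, next to one way to close it, as an added example that is not Taguette's code and not its actual 1.5.0 fix. The origin `https://taguette.example.org`, the `/reset` path, the `token` parameter, and all function names are hypothetical; the token value is constructed.

```python
from urllib.parse import urlencode, urlsplit

# Assumption: the single origin users reach the app at, set by the operator
# in server configuration (never derived from the incoming request).
CANONICAL_ORIGIN = "https://taguette.example.org"
ALLOWED_HOSTS = {urlsplit(CANONICAL_ORIGIN).netloc.lower()}


def reset_link_from_host_header(headers, token):
    """Vulnerable pattern: the hostname in the emailed link is client-supplied."""
    host = headers.get("Host", "")
    return f"https://{host}/reset?{urlencode({'token': token})}"


def reset_link_from_config(token):
    """Hardened pattern: the link origin comes only from configuration."""
    return f"{CANONICAL_ORIGIN}/reset?{urlencode({'token': token})}"


def host_is_allowed(headers):
    """Defense in depth: accept only Host values this deployment serves."""
    return headers.get("Host", "").strip().lower() in ALLOWED_HOSTS


def handle_reset_request(headers, token):
    """Return (HTTP status, link to email); reject unknown Host values."""
    if not host_is_allowed(headers):
        return 400, None
    return 200, reset_link_from_config(token)


if __name__ == "__main__":
    token = "tok123"  # constructed sample value
    for host in ("taguette.example.org", "unexpected.example"):
        headers = {"Host": host}
        print(host)
        print("  host-derived link:", reset_link_from_host_header(headers, token))
        print("  hardened handler: ", handle_reset_request(headers, token))
```

Rejecting unknown `Host` values at a reverse proxy in front of the application gives the same protection to every route, not only the reset handler.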
