Vulnerability Details CVE-2025-62528
Taguette is an open source qualitative research tool. An issue has been discovered in Taguette versions prior to 1.5.0. It was possible for a project member to put JavaScript in name or description fields which would run on project load. This issue has been patched in version 1.5.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 8.3%
CVSS Severity
CVSS v3 Score 5.4
References
Products affected by CVE-2025-62528
-
cpe:2.3:a:taguette:taguette:0.1
-
cpe:2.3:a:taguette:taguette:0.10
-
cpe:2.3:a:taguette:taguette:0.10.1
-
cpe:2.3:a:taguette:taguette:0.11
-
cpe:2.3:a:taguette:taguette:0.2
-
cpe:2.3:a:taguette:taguette:0.3
-
cpe:2.3:a:taguette:taguette:0.4
-
cpe:2.3:a:taguette:taguette:0.4.1
-
cpe:2.3:a:taguette:taguette:0.4.2
-
cpe:2.3:a:taguette:taguette:0.4.3
-
cpe:2.3:a:taguette:taguette:0.4.4
-
cpe:2.3:a:taguette:taguette:0.5
-
cpe:2.3:a:taguette:taguette:0.6
-
cpe:2.3:a:taguette:taguette:0.7
-
cpe:2.3:a:taguette:taguette:0.8
-
cpe:2.3:a:taguette:taguette:0.9
-
cpe:2.3:a:taguette:taguette:0.9.1
-
cpe:2.3:a:taguette:taguette:0.9.2
-
cpe:2.3:a:taguette:taguette:1.0.0
-
cpe:2.3:a:taguette:taguette:1.0.1
-
cpe:2.3:a:taguette:taguette:1.1.0
-
cpe:2.3:a:taguette:taguette:1.1.1
-
cpe:2.3:a:taguette:taguette:1.2.0
-
cpe:2.3:a:taguette:taguette:1.3.0
-
cpe:2.3:a:taguette:taguette:1.4.0
-
cpe:2.3:a:taguette:taguette:1.4.1