Open Redirect in Drawing-captcha Drawing-captcha-app

CVE-2025-62428

Drawing-Captcha APP provides interactive, engaging verification for Web-Based Applications. The vulnerability is a Host Header Injection in the /register and /confirm-email endpoints. It allows an attacker to manipulate the Host header in…

Vulnerability class: Open Redirect

EPSS: 0.004 (33.1th percentile)

Affected products

Weakness classification (CWE)

References