The vulnerability causes the cpp-httplib HTTP client to forward stored Basic Auth, Bearer Token, and Digest Auth credentials to any host encountered while following cross‑origin HTTP redirects (301/302/307/308). Consequently, an attacker can receive plaintext credentials in the Authorization header when the client redirects to a malicious domain. This constitutes a confidentiality breach, described by CWE‑200, and could allow an adversary to impersonate users or access protected resources.

The affected product is yhirose:cpp-httplib, a C++11 header‑only HTTP/HTTPS library. Versions before 0.39.0 are vulnerable. Users running these older releases are subject to credential leakage when automatic redirect handling is enabled.

The vulnerability has a CVSS score of 7.4, indicating high severity. The EPSS score is less than 1%, suggesting low current exploit probability, and the issue is not listed in CISA’s KEV catalog. The likely attack vector involves an attacker controlling a server that issues a redirect to a malicious host, which captures the Authorization header sent by the client. If the client transmits credentials across the redirect, the attacker gains those credentials. Exploitation requires the client to follow the redirect automatically, which is the default behavior of the library.