Project Subscriptions
No data.
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Fri, 10 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 10 Jul 2026 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Capgo before 12.128.2 contains an improper validation vulnerability in the accept_invitation endpoint that creates user accounts before captcha validation is enforced. Attackers can bypass captcha protection by sending POST requests with invalid captcha tokens to create unwanted accounts and burn invite links. | |
| Title | Capgo - Account Creation Before CAPTCHA Validation in accept_invitation Endpoint | |
| Weaknesses | CWE-287 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2026-07-10T17:01:05.178Z
Reserved: 2026-06-20T12:53:19.893Z
Link: CVE-2026-56312
Updated: 2026-07-10T16:49:37.205Z
No data.
No data.
OpenCVE Enrichment
No data.