CVE-2026-56332 | Capgo up to 12.128.1 confirm-signup Endpoint confirmation_url redirect (GHSA-24q8-ghqq-m8cj)

Inserito da Angelo Barbosa | Giu 20, 2026 | CVE

A vulnerability described as problematic has been identified in Capgo up to 12.128.1. This issue affects some unknown processing of the component confirm-signup Endpoint. The manipulation of the argument confirmation_url results in open redirect.

This vulnerability is reported as CVE-2026-56332. The attack can be launched remotely. No exploit exists.

Upgrading the affected component is recommended.

CVE-2026-56332 | Capgo up to 12.128.1 confirm-signup Endpoint confirmation_url redirect (GHSA-24q8-ghqq-m8cj)

Post correlati

CVE-2025-9831 | PHPGurukul Beauty Parlour Management System 1.1 /admin/edit-services.php sername sql injection

CVE-2023-50303 | IBM InfoSphere Information Server 11.7 Web UI cross site scripting (XFDB-273333)

CVE-2024-0626 | WooCommerce Clover Payment Gateway Plugin up to 1.3.1 on WordPress callback_handler authorization

CVE-2024-5474 | Lenovo Dolby Vision Provisioning software prior 2.0.0.2 default permission