Loading market data...
← Back to CVE feed

CVE-2026-56283

MEDIUM CVSS 5.4 View on NVD ↗

Description

Capgo before 12.128.2 contains an html injection vulnerability in the organization settings endpoint that allows attackers to inject malicious HTML content. Attackers can craft payloads in the organization name field to redirect users to untrusted websites, enabling phishing attacks and reputational damage.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Published: Jul 08, 2026 14:17 UTC Modified: Jul 08, 2026 15:16 UTC