CVE-2026-56283
Deferred Deferred - Pending Action

HTML Injection in Capgo Organization Settings

Vulnerability report for CVE-2026-56283, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-08

Last updated on: 2026-07-08

Assigner: VulnCheck

Description

Capgo before 12.128.2 contains an html injection vulnerability in the organization settings endpoint that allows attackers to inject malicious HTML content. Attackers can craft payloads in the organization name field to redirect users to untrusted websites, enabling phishing attacks and reputational damage.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-08
Last Modified
2026-07-08
Generated
2026-07-08
AI Q&A
2026-07-08
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
cap-go capgo to 12.128.2 (exc)
capgo capgo to 12.128.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Compliance Impact

The vulnerability allows attackers to inject malicious HTML content that can redirect users to untrusted websites, facilitating phishing attacks and reputational damage.

Such phishing attacks and potential brand abuse could lead to violations of data protection and security requirements found in common standards and regulations like GDPR and HIPAA, which mandate protecting user data and ensuring secure user interactions.

However, the provided information does not explicitly state the direct impact on compliance with these regulations.

Executive Summary

CVE-2026-56283 is an HTML injection vulnerability found in Capgo versions before 12.128.2, specifically in the organization settings endpoint.

Attackers can exploit this flaw by injecting malicious HTML content through the organization name field. This allows them to craft payloads that redirect users to untrusted or malicious websites.

This vulnerability is classified under CWE-79 (Improper Neutralization of Input During Web Page Generation, or Cross-site Scripting) and can lead to phishing attacks and reputational damage.

Impact Analysis

The vulnerability can impact you by enabling attackers to redirect users to untrusted or malicious websites through crafted HTML payloads.

  • Phishing attacks that trick users into revealing sensitive information.
  • Reputational damage due to brand abuse and trust degradation.
  • Potential security bypasses by exploiting the injected HTML content.

Exploitation requires user interaction, such as clicking on a malicious link.

Detection Guidance

This vulnerability involves HTML injection in the organization name field of Capgo versions before 12.128.2, which can be detected by monitoring for unusual or malicious HTML content in that input field.

Detection can include auditing input points where the organization name is accepted and checking for injected HTML tags or scripts.

Additionally, monitoring redirection behavior to untrusted websites can help identify exploitation attempts.

Specific commands are not provided in the available resources.

Mitigation Strategies

Immediate mitigation steps include sanitizing user input to disallow HTML tags in the organization name field.

Implementing a Content Security Policy (CSP) to restrict the execution of malicious scripts is also recommended.

Auditing all input points for similar injection vulnerabilities and monitoring redirection behavior to detect suspicious activity are important.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-56283. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart