Improper Validation Vulnerability in Capgo by Capgo
CVE-2026-56312
6.9MEDIUM
What is CVE-2026-56312?
Capgo versions before 12.128.2 are affected by an improper validation vulnerability within the accept_invitation endpoint, which allows attackers to create user accounts without proper captcha validation. By sending POST requests with invalid captcha tokens, malicious actors can circumvent captcha protection, leading to the unauthorized creation of accounts and the potential exploitation of invite links.
Affected Version(s)
Capgo 0 < 12.128.2
Capgo 12.128.2
