Lucene search
+L

4 matches found

NVD
NVD
added 2026/06/30 11:17 p.m.9 views

CVE-2026-56233

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...

8.7CVSS0.00451EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:8 p.m.23 views

CVE-2026-56233 Capgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload Proxy

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...

8.7CVSS0.00451EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:8 p.m.14 views

CVE-2026-56233

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy. Authenticated users with build permissions can bypass upload restrictions by appending traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling access to internal admi...

8.7CVSS5.8AI score0.00451EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 10:8 p.m.4 views

CVE-2026-56233 Capgo - SSRF and Privilege Escalation via Path Traversal in Builder Upload Proxy

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...

8.7CVSS6AI score0.00451EPSS
Exploits0References4
Rows per page
Query Builder