7 matches found
CVE-2026-56295
Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass the requireapikeyexpiration organization policy. The checkWebhookPermission function fails to call apikeyHasOrgRightWithPolicy, enabling attackers with...
EUVD-2026-38122
Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass the requireapikeyexpiration organization policy. The checkWebhookPermission function fails to call apikeyHasOrgRightWithPolicy, enabling attackers with...
CVE-2026-56295
Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass the requireapikeyexpiration organization policy. The checkWebhookPermission function fails to call apikeyHasOrgRightWithPolicy, enabling attackers with...
CVE-2026-56295
Capgo is affected pre-12.128.2 by an authorization bypass in webhook management endpoints. The issue allows legacy non-expiring API keys to bypass the require_apikey_expiration policy because checkWebhookPermission does not call apikeyHasOrgRightWithPolicy, enabling those keys to list, create, an...
CVE-2026-56295 Capgo - Policy Enforcement Bypass in Webhook Management Endpoints via Non-Expiring API Keys
Capgo before 12.128.2 contains an authorization bypass vulnerability in webhook management endpoints that allows non-expiring API keys to bypass the requireapikeyexpiration organization policy. The checkWebhookPermission function fails to call apikeyHasOrgRightWithPolicy, enabling attackers with...
CVE-2019-14955
In JetBrains Hub versions earlier than 2018.4.11436, there was no option to force a user to change the password and no password expiration policy was implemented...
How to Use Password Length to Set Best Password Expiration Policy
One of the many features of an Active Directory Password Policy is the maximum password age. Traditional Active Directory environments have long using password aging as a means to bolster password security. Native password aging in the default Active Directory Password Policy is relatively limite...