4 matches found
CVE-2026-56228
Capgo before 12.128.2 is vulnerable to improper password policy length validation. An authenticated organization administrator can set an extremely large minimum password length value, causing all users to fail password changes and effectively lock out the organization, resulting in an applicatio...
EUVD-2026-38094
Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state. As a result, the backend continues to treat the account as...
CVE-2026-56080
Capgo before 12.128.2 has an Enforce Password Policy flaw: after a Super Admin enables the policy and sets a compliant password, the backend does not update the password‑compliance state, so the account remains non‑compliant and the system repeatedly prompts for password resets, effectively locki...
PT-2026-51038
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description A flaw exists in the Enforce Password Policy feature. When a Super Admin enables this policy and updates their password to a compliant one, the backend fails to update the password-compliance state...