CVE-2026-58520

Summary

URL redirection to untrusted site ('open redirect') vulnerability in The Wikimedia Foundation Mediawiki - UrlShortener Extension allows Cross-Site Flashing.

This issue affects Mediawiki - UrlShortener Extension: from * before 1.43.9, 1.44.6, 1.45.4.

Affected Software

VendorProductVersion RangeStatus
The Wikimedia FoundationMediawiki - UrlShortener Extension* < 1.43.9, 1.44.6, 1.45.4affected

Weaknesses

  • CWE-601: CWE-601 URL redirection to untrusted site ('open redirect')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References