All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-58520
MEDIUMpublished 2026-07-01 18:16 UTC · 3 days ago · modified 2026-07-01 19:16 UTC
6.9
CVSS / 10
// description
URL redirection to untrusted site ('open redirect') vulnerability in The Wikimedia Foundation Mediawiki - UrlShortener Extension allows Cross-Site Flashing. This issue affects Mediawiki - UrlShortener Extension: from * before 1.43.9, 1.44.6, 1.45.4.
// weaknesses (CWE)
- CWE-601