Open Redirect Vulnerability in Wikimedia Foundation's Mediawiki - UrlShortener Extension
CVE-2026-58520
6.9MEDIUM
What is CVE-2026-58520?
A vulnerability exists in the Mediawiki - UrlShortener Extension that allows for URL redirection to untrusted sites. This open redirect flaw could potentially be exploited to facilitate cross-site flashing attacks. Users of versions prior to 1.43.9, 1.44.6, and 1.45.4 should be aware of the associated risks and consider updating to mitigate these vulnerabilities. For more information, refer to the official documentation on Phabricator and Gerrit.
Affected Version(s)
Mediawiki - UrlShortener Extension * < 1.43.9, 1.44.6, 1.45.4
