CVE-2026-58520 UrlShortener defaults to ineffective validation open to third-party redirects
URL redirection to untrusted site 'open redirect' vulnerability in The Wikimedia Foundation Mediawiki - UrlShortener Extension allows Cross-Site Flashing. This issue affects Mediawiki - UrlShortener Extension: from before 1.43.9, 1.44.6, 1.45.4...