Skip to main content

Urlshortener

1 CVEs product

Monthly

CVE-2026-13706 NONE Awaiting Data

Improper input validation in Wikimedia Foundation's UrlShortener extension (includes/UrlShortenerUtils.php) exposes a potential information disclosure path accessible to low-privileged authenticated users over the network. The vulnerability is classified under CWE-20 and tagged as an information disclosure issue, though the provided CVSS 4.0 vector records zero impact across all dimensions - a notable contradiction with the 'Information Disclosure' tag that warrants independent verification. No public exploit code exists and no active exploitation has been confirmed.

Information Disclosure PHP Urlshortener
NVD VulDB
EPSS
0.3%
EPSS 0%
NONE Awaiting Data

Improper input validation in Wikimedia Foundation's UrlShortener extension (includes/UrlShortenerUtils.php) exposes a potential information disclosure path accessible to low-privileged authenticated users over the network. The vulnerability is classified under CWE-20 and tagged as an information disclosure issue, though the provided CVSS 4.0 vector records zero impact across all dimensions - a notable contradiction with the 'Information Disclosure' tag that warrants independent verification. No public exploit code exists and no active exploitation has been confirmed.

Information Disclosure PHP Urlshortener
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy