THREATOPS
THREAT OPSThreat News › [NVD] CVE-2026-13707 (HIGH 7.6) — Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.

[NVD] CVE-2026-13707 (HIGH 7.6) — Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.

mednvdPublished 2026-07-01

CVE-2026-13707 CVSS: 7.6 HIGH Published: 2026-07-01T16:16:31.743

Session fixation vulnerability in Wikimedia Foundation OAuth.

This vulnerability is associated with program files src/Backend/MWOAuthServer.Php.

This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.

Indicators of compromise

Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-13707