THREAT OPS › Threat News › [NVD] CVE-2026-13707 (HIGH 7.6) — Session fixation vulnerability in Wikimedia Foundation OAuth.
This vulnerability is associated with program files src/Backend/MWOAuthServer.Php.
This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.
[NVD] CVE-2026-13707 (HIGH 7.6) — Session fixation vulnerability in Wikimedia Foundation OAuth. This vulnerability is associated with program files src/Backend/MWOAuthServer.Php. This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.
CVE-2026-13707 CVSS: 7.6 HIGH Published: 2026-07-01T16:16:31.743
Session fixation vulnerability in Wikimedia Foundation OAuth.
This vulnerability is associated with program files src/Backend/MWOAuthServer.Php.
This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.
Indicators of compromise
- CVE-2026-13707cve
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-13707