CVE-2026-13707

Session fixation vulnerability in Wikimedia Foundation OAuth.

 This vulnerability is associated with program files src/Backend/MWOAuthServer.Php.



This issue affects OAuth: from * through 1.46.0, 1.45.4, 1.44.6, 1.43.9.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---