PT-2026-25878 · Unknown · Url Redirect Extension

Guido Schmechel

Publicado

2026-03-17

Atualizado

2026-03-17

CVE-2026-4202

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. (affected versions not specified)

Description The extension does not properly verify if an authenticated user has the necessary permissions to access redirects. This results in the exposure of redirect records when a page is edited. The issue concerns a failure in permission checks related to redirect access.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Missing Authorization

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862CWE-200

Identificadores relacionados

CVE-2026-4202

GHSA-755R-R738-MJGP

Produtos afetados

Url Redirect Extension

PT-2026-25878 · Unknown · Url Redirect Extension

CVE-2026-4202

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7