PT-2026-26164 · Unknown · Hytale Modding Wiki
Liamsystems
·
Published
2026-03-18
·
Updated
2026-05-05
·
CVE-2026-32736
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Hytale Modding Wiki versions prior to 1.0.0
Description
An Insecure Direct Object Reference (IDOR) exists in the Hytale Modding Wiki. This allows any authenticated user to access personal information of mod authors, including their full names and email addresses, by visiting a mod page through its slug. The issue affects versions of the wiki prior to version 1.0.0.
Recommendations
Update to version 1.0.0 or later.
Exploit
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Hytale Modding Wiki