Description

The Hytale Modding Wiki is a free service for Hytale mods to host their documentation & wikis. An Insecure Direct Object Reference (IDOR) vulnerability in versions of the wiki prior to 1.0.0 exposes mod authors' personal information - including full names and email addresses - to any authenticated user who visits a mod page. Any user who creates an account can access sensitive author details by simply navigating to a mod's page via its slug. Version 1.0.0 fixes the issue.

INFO

Published Date :

2026-03-18T22:06:10.884Z

Last Modified :

2026-03-19T16:57:46.390Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-32736 vulnerability.

Vendors Products
Hytalemodding
  • Wiki
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-32736.

URL Resource
https://github.com/HytaleModding/wiki/commit/4a96b3f9bce9a9d34030c39a8d6e4c6b6183f13d cve-icon cve-icon
https://github.com/HytaleModding/wiki/security/advisories/GHSA-xvq7-wwhx-x2fh cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact