17 matches found
CVE-2026-0669
A flaw was found in the MediaWiki CSS extension. This vulnerability, categorized as a Path Traversal, allows a remote attacker to access restricted directories. By manipulating file paths, an attacker can read arbitrary files on the server, potentially leading to the disclosure of sensitive...
CVE-2026-0669
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39...
CVE-2026-0669
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39...
CVE-2026-0669 Path Traversal vulnerability in CSS extension on certain web servers
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39...
CVE-2026-0669
CVE-2026-0669 affects the MediaWiki CSS extension versions 1.39–1.44. The vulnerability is an improper limitation of a pathname to a restricted directory (path traversal) that could allow a remote attacker to read arbitrary server files, potentially leading to sensitive disclosures. Exploitation ...
MediaWiki - CSS extension 安全漏洞
MediaWiki - CSS extension is an open source CSS extension plugin for MediaWiki. A security vulnerability exists in MediaWiki - CSS extension versions 1.44, 1.43, and 1.39, which stems from an improperly restricted pathname and can lead to path traversal...
PT-2026-1965
Name of the Vulnerable Software and Affected Versions MediaWiki - CSS extension versions 1.39 through 1.44 Description An issue exists in the MediaWiki - CSS extension related to improper limitation of a pathname to a restricted directory, allowing for path traversal. This can potentially allow...
EUVD-2024-42706
Malicious code in bioql PyPI...
EUVD-2024-42707
Malicious code in bioql PyPI...
CVE-2024-47841
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9...
CVE-2024-47845
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...
CVE-2024-47845
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...
CVE-2024-47841 Path traversal when loading stylesheets
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9...
CVE-2024-47841
The CVE-2024-47841 affects MediaWiki - CSS Extension. The vulnerability is a Path Traversal flaw in loading stylesheets, enabling improper restriction of pathnames to restricted directories. Affected versions are MediaWiki CSS Extension: 1.39.X up to before 1.39.9; 1.41.X up to before 1.41.3; 1.4...
CVE-2024-47845 CSS sanitizer used incorrectly, and is easily bypassed
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...
CVE-2024-47845 CSS sanitizer used incorrectly, and is easily bypassed
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2...
PT-2024-32846 · Wikimedia Foundation · Mediawiki - Css Extension
Name of the Vulnerable Software and Affected Versions: Mediawiki - CSS Extension versions 1.39.X through 1.39.8 Mediawiki - CSS Extension versions 1.41.X through 1.41.2 Mediawiki - CSS Extension versions 1.42.X through 1.42.1 Description: The issue is related to a Path Traversal vulnerability,...