2 matches found
CVE-2024-47841
The CVE-2024-47841 affects MediaWiki - CSS Extension. The vulnerability is a Path Traversal flaw in loading stylesheets, enabling improper restriction of pathnames to restricted directories. Affected versions are MediaWiki CSS Extension: 1.39.X up to before 1.39.9; 1.41.X up to before 1.41.3; 1.4...
CVE-2024-47845
CVE-2024-47845 concerns an issue in the MediaWiki CSS Extension where improper encoding/escaping of output enables code injection. Affected range: MediaWiki CSS Extension versions 1.39.x prior to 1.39.9, 1.41.x prior to 1.41.3, and 1.42.x prior to 1.42.2. Root cause is improper output handling in...