Vulnerabilities (CVE)

Filtered by vendor Wikimedia Subscribe
Filtered by product Wikimedia-extensions-css
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-47845 1 Wikimedia 1 Wikimedia-extensions-css 2024-10-23 N/A 8.2 HIGH
Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Code Injection.This issue affects Mediawiki - CSS Extension: from 1.39.X before 1.39.9, from 1.41.X before 1.41.3, from 1.42.X before 1.42.2.
CVE-2024-47841 1 Wikimedia 1 Wikimedia-extensions-css 2024-10-16 N/A 7.5 HIGH
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Wikimedia Foundation Mediawiki - CSS Extension allows Path Traversal.This issue affects Mediawiki - CSS Extension: from 1.42.X before 1.42.2, from 1.41.X before 1.41.3, from 1.39.X before 1.39.9.