Radman Siddiki

**Name of the Vulnerable Software and Affected Versions** MediaWiki - VisualData Extension version 1.45 **Description** An inefficient regular expression complexity issue exists in the MediaWiki - VisualData Extension. This allows for a Regular Expression Exponential Blowup, potentially leading to a denial of service. The issue is triggered by crafted user input. **Recommendations** Update MediaWiki - VisualData Extension to a version that addresses this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MediaWiki - CSS extension versions 1.39 through 1.44 **Description** An issue exists in the MediaWiki - CSS extension related to improper limitation of a pathname to a restricted directory, allowing for path traversal. This can potentially allow unauthorized access to files and directories on the system. **Recommendations** MediaWiki - CSS extension version 1.39 is vulnerable and should be updated. MediaWiki - CSS extension version 1.40 is vulnerable and should be updated. MediaWiki - CSS extension version 1.41 is vulnerable and should be updated. MediaWiki - CSS extension version 1.42 is vulnerable and should be updated. MediaWiki - CSS extension version 1.43 is vulnerable and should be updated. MediaWiki - CSS extension version 1.44 is vulnerable and should be updated.