PT-2026-1965 · Unknown · Mediawiki - Css Extension

Radman Siddiki

Publicado

2026-01-07

Atualizado

2026-02-23

CVE-2026-0669

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions MediaWiki - CSS extension versions 1.39 through 1.44

Description An issue exists in the MediaWiki - CSS extension related to improper limitation of a pathname to a restricted directory, allowing for path traversal. This can potentially allow unauthorized access to files and directories on the system.

Recommendations MediaWiki - CSS extension version 1.39 is vulnerable and should be updated. MediaWiki - CSS extension version 1.40 is vulnerable and should be updated. MediaWiki - CSS extension version 1.41 is vulnerable and should be updated. MediaWiki - CSS extension version 1.42 is vulnerable and should be updated. MediaWiki - CSS extension version 1.43 is vulnerable and should be updated. MediaWiki - CSS extension version 1.44 is vulnerable and should be updated.

Exploit

Correção

Path traversal

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-22

Identificadores relacionados

CVE-2026-0669

Produtos afetados

Mediawiki - Css Extension

PT-2026-1965 · Unknown · Mediawiki - Css Extension

CVE-2026-0669

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8