Description
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39.
Published: 2026-01-07
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Path traversal vulnerability
Action: Patch Immediately
AI Analysis

Impact

This vulnerability arises from improper pathname validation in the MediaWiki CSS extension, permitting path traversal. Based on the description, it is inferred that an attacker could construct crafted URLs to reference files outside the intended extension directory. The weakness is identified as CWE‑22.

Affected Systems

Affected products include the MediaWiki CSS extension versions 1.39, 1.43, and 1.44. The vulnerability is documented for these releases and would impact any MediaWiki installation deploying the CSS extension in these versions. No newer versions are listed as affected.

Risk and Exploitability

The CVSS score of 7.5 indicates high severity, while the EPSS score of less than 1% suggests a low likelihood of exploitation at present. The vulnerability is not listed in the CISA KEV catalog. Based on the description, it is inferred that exploitation would involve an attacker sending specially crafted requests to the extension directory to bypass pathname restrictions.

Generated by OpenCVE AI on April 18, 2026 at 16:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the MediaWiki CSS extension to the latest patched version or upgrade the entire MediaWiki installation to a release where this issue is fixed.
  • Verify that file and directory permissions for the CSS extension and its configuration directories are set to the minimum required for operation.
  • Deploy web application firewall rules or server configuration changes that block URLs containing directory traversal patterns such as ".." or encoded equivalents.

Generated by OpenCVE AI on April 18, 2026 at 16:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 23 Feb 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Css Project
Css Project css
CPEs cpe:2.3:a:css_project:css:-:*:*:*:*:mediawiki:*:*
cpe:2.3:a:mediawiki:mediawiki:1.39.0:-:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:1.43.0:-:*:*:*:*:*:*
cpe:2.3:a:mediawiki:mediawiki:1.44.0:*:*:*:*:*:*:*
Vendors & Products Css Project
Css Project css

Thu, 08 Jan 2026 10:00:00 +0000

Type Values Removed Values Added
First Time appeared Mediawiki
Mediawiki mediawiki
Wikimedia
Wikimedia mediawiki-css Extension
Vendors & Products Mediawiki
Mediawiki mediawiki
Wikimedia
Wikimedia mediawiki-css Extension

Thu, 08 Jan 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity

None

 threat_severity

Moderate

Wed, 07 Jan 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 07 Jan 2026 18:00:00 +0000

Type Values Removed Values Added
Description Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Wikimedia Foundation MediaWiki - CSS extension allows Path Traversal.This issue affects MediaWiki - CSS extension: 1.44, 1.43, 1.39.
Title Path Traversal vulnerability in CSS extension on certain web servers
Weaknesses CWE-22
References

Subscriptions

Css Project Css
Mediawiki Mediawiki
Wikimedia Mediawiki-css Extension
cve-icon MITRE

Status: PUBLISHED

Assigner: wikimedia-foundation

Published:

Updated: 2026-01-07T19:21:57.287Z

Reserved: 2026-01-07T16:35:00.729Z

Link: CVE-2026-0669

cve-icon Vulnrichment

Updated: 2026-01-07T19:21:11.932Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-07T18:15:53.003

Modified: 2026-02-23T18:45:28.033

Link: CVE-2026-0669

cve-icon Redhat

Severity : Moderate

Publid Date: 2026-01-07T17:46:57Z

Links: CVE-2026-0669 - Bugzilla

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T17:00:05Z

Weaknesses