MediaWiki Score
By the Year
In 2024 there have been 0 vulnerabilities in MediaWiki Score . Last year Score had 1 security vulnerability published. Right now, Score is on track to have less security vulnerabilities in 2024 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 1 | 9.80 |
2022 | 0 | 0.00 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Score vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MediaWiki Score Security Vulnerabilities
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable
CVE-2020-29007
9.8 - Critical
- April 15, 2023
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code.
Code Injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MediaWiki Score or by MediaWiki? Click the Watch button to subscribe.