Score MediaWiki Score

Do you want an email whenever new security vulnerabilities are reported in MediaWiki Score?

By the Year

In 2023 there have been 1 vulnerability in MediaWiki Score with an average score of 9.8 out of ten. Score did not have any published security vulnerabilities last year. That is, 1 more vulnerability have already been reported in 2023 as compared to last year.

Year Vulnerabilities Average Score
2023 1 9.80
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Score vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent MediaWiki Score Security Vulnerabilities

The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable

CVE-2020-29007 9.8 - Critical - April 15, 2023

The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code.

Code Injection

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for MediaWiki Score or by MediaWiki? Click the Watch button to subscribe.

MediaWiki
Vendor

subscribe