Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-29007

The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code.

Published

2023-04-15T22:15:06.977

Last Modified

2025-02-06T17:15:12.007

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses

Type: Primary
CWE-94
Type: Secondary
CWE-94

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	mediawiki	score	≤ 0.3.0	Yes

References

https://github.com/seqred-s-a/cve-2020-29007 Exploit, Mitigation, Third Party Advisory ([email protected])
https://phabricator.wikimedia.org/T257062 Exploit, Third Party Advisory ([email protected])
https://seqred.pl/en/cve-2020-29007-remote-code-execution-in-mediawiki-score/ Exploit, Third Party Advisory ([email protected])
https://www.mediawiki.org/wiki/Extension:Score Vendor Advisory ([email protected])
https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory Vendor Advisory ([email protected])
https://github.com/seqred-s-a/cve-2020-29007 Exploit, Mitigation, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://phabricator.wikimedia.org/T257062 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://seqred.pl/en/cve-2020-29007-remote-code-execution-in-mediawiki-score/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.mediawiki.org/wiki/Extension:Score Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)