CVE-2020-29007

The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles (potentially including unauthenticated anonymous users) to execute arbitrary Scheme or shell code by using crafted {{Image data to generate musical scores containing malicious code.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mediawiki:score:*:*:*:*:*:mediawiki:*:*

History

26 Apr 2023, 16:13

Type Values Removed Values Added
CWE CWE-94
CPE cpe:2.3:a:mediawiki:score:*:*:*:*:*:mediawiki:*:*
References (MISC) https://phabricator.wikimedia.org/T257062 - (MISC) https://phabricator.wikimedia.org/T257062 - Exploit, Third Party Advisory
References (MISC) https://seqred.pl/en/cve-2020-29007-remote-code-execution-in-mediawiki-score/ - (MISC) https://seqred.pl/en/cve-2020-29007-remote-code-execution-in-mediawiki-score/ - Exploit, Third Party Advisory
References (MISC) https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory - (MISC) https://www.mediawiki.org/wiki/Extension:Score/2021_security_advisory - Vendor Advisory
References (MISC) https://github.com/seqred-s-a/cve-2020-29007 - (MISC) https://github.com/seqred-s-a/cve-2020-29007 - Exploit, Mitigation, Third Party Advisory
References (MISC) https://www.mediawiki.org/wiki/Extension:Score - (MISC) https://www.mediawiki.org/wiki/Extension:Score - Vendor Advisory
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.8

17 Apr 2023, 13:12

Type Values Removed Values Added
New CVE

Information

Published : 2023-04-15 22:15

Updated : 2024-02-04 23:37


NVD link : CVE-2020-29007

Mitre link : CVE-2020-29007

CVE.ORG link : CVE-2020-29007


JSON object : View

Products Affected

mediawiki

  • score
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')