13 matches found
CVE-2026-39936
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...
EUVD-2026-19982
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Score Extension...
CVE-2026-39936
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...
CVE-2026-39936 Stored XSS in Score due to usage of non-reserved data attributes
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...
CVE-2026-39936 Stored XSS in Score due to usage of non-reserved data attributes
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...
CVE-2026-39936
Affected software: Wikimedia Foundation MediaWiki - Score Extension. Vulnerability: Stored XSS due to improper neutralization of input during web page generation via non-reserved data attributes. Impact: Cross-Site Scripting with low impacts to confidentiality, integrity, and availability, as per...
PT-2026-31045
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS.This issue affects Mediawiki - Score Extension...
MediaWiki Score Extension 安全漏洞
The MediaWiki Score Extension is an open-source extension component for rendering musical scores in MediaWiki. The MediaWiki Score Extension has a security vulnerability, which stems from improper input during page generation, potentially leading to cross-site scripting attacks...
CVE-2020-29007
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
CVE-2020-29007
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
Remote code execution
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
CVE-2020-29007
The Score extension through 0.3.0 for MediaWiki has a remote code execution vulnerability due to improper sandboxing of the GNU LilyPond executable. This allows any user with an ability to edit articles potentially including unauthenticated anonymous users to execute arbitrary Scheme or shell cod...
CVE-2020-29007
The CVE-2020-29007 entry concerns MediaWiki’s Score extension up to version 0.3.0, where the vulnerability arises from improper sandboxing of the GNU LilyPond executable. This allows any user with article-edit capability—potentially unauthenticated users—to trigger remote code execution by crafti...