VYPR

Scribuntu

by Wikimedia Foundation

CVEs (2)

  • CVE-2014-9481Jan 27, 2020
    risk 0.00cvss epss 0.01

    The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.

  • CVE-2013-4570May 12, 2014
    risk 0.00cvss epss 0.02

    The zend_inline_hash_func function in php-luasandbox in the Scribuntu extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to converting…