RSS   Vulnerabilities for 'Six apart movable type'   RSS

2009-07-16
 
CVE-2009-2480

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type 4.24, and 4.25 when global templates are not initialized, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

 

 >>> Vendor: Movabletype 5 Products
Six apart movable type
Movable type advanced
Movable type enterprise
Movable type open source
Movable type pro


Copyright 2024, cxsecurity.com

 

Back to Top