Cross-site scripting vulnerability in Movable Type series allows a remote authenticated attacker to inject an arbitrary script. Affected products/versions are as follows: Movable Type 7 r.5405 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5405 and earlier (Movable Type 7 Series), Movable Type Premium 1.58 and earlier, Movable Type Premium Advanced 1.58 and earlier, Movable Type Cloud Edition (Version 7) r.5405 and earlier, and Movable Type Premium Cloud Edition 1.58 and earlier.
History

Tue, 29 Oct 2024 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: jpcert

Published: 2023-10-30T04:57:43.561Z

Updated: 2024-10-29T18:23:10.383Z

Reserved: 2023-10-12T05:42:52.133Z

Link: CVE-2023-45746

cve-icon Vulnrichment

Updated: 2024-08-02T20:29:32.220Z

cve-icon NVD

Status : Modified

Published: 2023-10-30T05:15:09.993

Modified: 2024-11-21T08:27:17.743

Link: CVE-2023-45746

cve-icon Redhat

No data.