Six Apart Movable Type (MT) is a blogging system from Six Apart, Inc. A cross-site scripting vulnerability exists in Six Apart Movable Type, which stems from a lack of validation and escaping of user-supplied data in the search screen, and could be exploited by remote attackers to trick victims into clicking on a specially crafted link on a vulnerable website and execute arbitrary HTML and scripting code in the user’s browser.
CPE | Name | Operator | Version |
---|---|---|---|
six apart movable type | le | 6.8.0 | |
six apart movable type premium | le | 1.44 | |
six apart movable type premium advanced | le | 1.44 |