Lucene search
HistoryJul 17, 2009 - 4:30 p.m.
CVE-2009-2492
cve-2009-2492
xss
vulnerability
mt-wizard.cgi
six apart movable type
nvd
5.7 Medium
AI Score
Confidence
High
2.6 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.1%
Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type before 4.261 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-2480.
Affected configurations
Node
six_apartmovable_typeRange≤4.25
ORsix_apartmovable_typeMatch1.54enterprise
ORsix_apartmovable_typeMatch2.6
ORsix_apartmovable_typeMatch2.63
ORsix_apartmovable_typeMatch3.3
ORsix_apartmovable_typeMatch3.16
ORsix_apartmovable_typeMatch3.17
ORsix_apartmovable_typeMatch3.32
ORsix_apartmovable_typeMatch3.33
ORsix_apartmovable_typeMatch3.36enterprise
ORsix_apartmovable_typeMatch4
ORsix_apartmovable_typeMatch4community_solution
ORsix_apartmovable_typeMatch4enterprise
ORsix_apartmovable_typeMatch4open_source
ORsix_apartmovable_typeMatch4.20
ORsix_apartmovable_typeMatch4.20community_solution
ORsix_apartmovable_typeMatch4.20enterprise
ORsix_apartmovable_typeMatch4.20open_source
ORsix_apart_ltdmovable_type
ORsix_apart_ltdmovable_typeMatch3.33
ORsixapartmovable_typeMatch1.00enterprise
ORsixapartmovable_typeMatch1.1enterprise
ORsixapartmovable_typeMatch1.2enterprise
ORsixapartmovable_typeMatch1.3enterprise
ORsixapartmovable_typeMatch1.4enterprise
ORsixapartmovable_typeMatch1.5enterprise
ORsixapartmovable_typeMatch1.31enterprise
ORsixapartmovable_typeMatch3.0d
ORsixapartmovable_typeMatch3.1
ORsixapartmovable_typeMatch3.01d
ORsixapartmovable_typeMatch3.2
ORsixapartmovable_typeMatch3.3
ORsixapartmovable_typeMatch3.11
ORsixapartmovable_typeMatch3.12
ORsixapartmovable_typeMatch3.14
ORsixapartmovable_typeMatch3.15
ORsixapartmovable_typeMatch3.16
ORsixapartmovable_typeMatch3.17
ORsixapartmovable_typeMatch3.32
ORsixapartmovable_typeMatch3.33
ORsixapartmovable_typeMatch3.34
ORsixapartmovable_typeMatch3.35
ORsixapartmovable_typeMatch4.0-community_solution
ORsixapartmovable_typeMatch4.0-pro
ORsixapartmovable_typeMatch4.01-community_solution
ORsixapartmovable_typeMatch4.1-community_solution
ORsixapartmovable_typeMatch4.1-pro
ORsixapartmovable_typeMatch4.01-pro
ORsixapartmovable_typeMatch4.01bcommunity_solution
ORsixapartmovable_typeMatch4.01bpro
ORsixapartmovable_typeMatch4.2
ORsixapartmovable_typeMatch4.2-community_solution
ORsixapartmovable_typeMatch4.2-pro
ORsixapartmovable_typeMatch4.12-community_solution
ORsixapartmovable_typeMatch4.12-pro
ORsixapartmovable_typeMatch4.21
ORsixapartmovable_typeMatch4.21-community_solution
ORsixapartmovable_typeMatch4.21-pro
ORsixapartmovable_typeMatch4.23-community_solution
ORsixapartmovable_typeMatch4.23-pro
Related
cvelist
cvelist
CVE-2009-2492
2009-07-17 16:00:00
CVE-2009-2480
2009-07-16 16:00:00
prion
prion
Cross site scripting
2009-07-17 16:30:00
Cross site scripting
2009-07-16 16:30:00
ubuntucve
ubuntucve
CVE-2009-2492
2009-07-17 00:00:00
nvd
nvd
CVE-2009-2492
2009-07-17 16:30:00
CVE-2009-2480
2009-07-16 16:30:00
jvn
jvn
JVN#86472161 Movable Type cross-site scripting vulnerability
2009-06-24 00:00:00
JVN#97248625 Movable Type cross-site scripting vulnerability
2009-04-24 00:00:00
cve
cve
CVE-2009-2480
2009-07-16 16:30:00
nessus
nessus
Movable Type mt-wizard.cgi set_static_uri_to Parameter XSS
2009-06-26 00:00:00
5.7 Medium
AI Score
Confidence
High
2.6 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:N/I:P/A:N
0.003 Low
EPSS
Percentile
68.1%
Related for CVE-2009-2492