AI Score
Confidence
High
EPSS
Percentile
87.5%
Cross-site scripting (XSS) vulnerability in Movable Type (MT) 3.33, when nofollow is disabled and unmoderated comments are enabled, allows remote attackers to inject arbitrary web script or HTML via the Comments field.
golem.ph.utexas.edu/~distler/blog/archives/001102.html
osvdb.org/32717
secunia.com/advisories/23669
www.vupen.com/english/advisories/2007/0142
www.zackvision.com/weblog/2007/01/movabletype-security-bug.html