CVE-2019-6025

🗓️ 26 Dec 2019 15:16:50Reported by jpcertType

Open redirect vulnerability in Movable Type series versions allowing remote attackers to conduct phishing attacks via crafted UR

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2019-6025	17 Mar 202410:16	–	circl
CNVD	Six Apart Movable Type Open Redirect Vulnerability	13 Nov 201900:00	–	cnvd
CVE	CVE-2019-6025	26 Dec 201915:16	–	cve
EUVD	EUVD-2019-15593	7 Oct 202500:30	–	euvd
Japan Vulnerability Notes	JVN#65280626: Movable Type vulnerable to open redirect	13 Nov 201900:00	–	jvn
Japan Vulnerability Notes	Movable Type vulnerable to open redirect	13 Nov 201904:59	–	jvn
NVD	CVE-2019-6025	26 Dec 201916:15	–	nvd
OSV	CVE-2019-6025	26 Dec 201916:15	–	osv
Prion	Open redirect	26 Dec 201916:15	–	prion
RedhatCVE	CVE-2019-6025	22 May 202506:30	–	redhatcve

[
  {
    "product": "Movable Type series",
    "vendor": "Six Apart Ltd",
    "versions": [
      {
        "status": "affected",
        "version": "Movable Type 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Advanced 7 r.4602 (7.1.3) and earlier (Movable Type 7), Movable Type Advanced 6.5.0 and 6.5.1 (Movable Type 6.5), Movable Type Advanced 6.3.9 and earlier (Movable Type 6.3.x, 6.2.x, 6.1.x, 6.0.x), Movable Type Premium 1.24 and earlier (Movable Type Premium), and Movable Type Premium (Advanced Edition) 1.24 and earlier (Movable Type Premium)"
      }
    ]
  }
]

Source	Link
jvn	www.jvn.jp/en/jp/JVN65280626/index.html
movabletype	www.movabletype.org/news/2019/11/movable_type_r4603_v714_v652_and_v6310_released.html

26 Dec 2019 15:16Current

6.2Medium risk

Vulners AI Score6.2

EPSS0.0039