Lucene search
JpcertCVELIST:CVE-2021-20663HistoryMar 05, 2021 - 9:20 a.m.
CVE-2021-20663
2021-03-0509:20:20
jpcert
www.cve.org
0.001 Low
EPSS
Percentile
47.2%
Cross-site scripting vulnerability in in Role authority setting screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CNA Affected
[
{
"product": "Movable Type",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier"
}
]
}
]Related
cve
cve
CVE-2021-20663
2021-03-05 10:15:12
prion
prion
Cross site scripting
2021-03-05 10:15:00
nvd
nvd
CVE-2021-20663
2021-03-05 10:15:12
cnvd
cnvd
Six Apart Movable Type Cross-Site Scripting Vulnerability (CNVD-2022-22654)
2021-02-26 00:00:00
jvn
jvn
JVN#66542874: Multiple cross-site scripting vulnerabilities in Movable Type
2021-02-24 00:00:00