Lucene search
JpcertCVELIST:CVE-2021-20665HistoryMar 05, 2021 - 9:20 a.m.
CVE-2021-20665
2021-03-0509:20:21
jpcert
www.cve.org
2
cross-site scripting
movable type
remote attackers
arbitrary script
EPSS
0.001
Percentile
47.1%
Cross-site scripting vulnerability in in Add asset screen of Contents field of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
CNA Affected
[
{
"product": "Movable Type",
"vendor": "Six Apart Ltd.",
"versions": [
{
"status": "affected",
"version": "Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier"
}
]
}
]Related
nvd
nvd
CVE-2021-20665
2021-03-05 10:15:12
cve
cve
CVE-2021-20665
2021-03-05 10:15:12
prion
prion
Cross site scripting
2021-03-05 10:15:00
cnvd
cnvd
Six Apart Movable Type Cross-Site Scripting Vulnerability (CNVD-2022-22652)
2021-03-11 00:00:00
jvn
jvn
JVN#66542874: Multiple cross-site scripting vulnerabilities in Movable Type
2021-02-24 00:00:00