Lucene search
JpcertCVELIST:CVE-2022-45122HistoryDec 07, 2022 - 12:00 a.m.
CVE-2022-45122
2022-12-0700:00:00
jpcert
www.cve.org
cross-site scripting
movable type
remote attacker
arbitrary script injection
Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.
CNA Affected
[
{
"vendor": "Six Apart Ltd.",
"product": "Movable Type",
"versions": [
{
"version": "Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier",
"status": "affected"
}
]
}
]Related
nvd
nvd
CVE-2022-45122
2022-12-07 04:15:11
cve
cve
CVE-2022-45122
2022-12-07 04:15:11
prion
prion
Cross site scripting
2022-12-07 04:15:00
jvn
jvn
JVN#37014768: Multiple vulnerabilities in Movable Type
2022-11-16 00:00:00