EUVD-2022-48040

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Cross-site scripting vulnerability in Movable Type 7 and earlier allows script injection by attackers.

Reporter	Title	Published	Views	Family All 11
CNNVD	Six Apart Movable Type 跨站脚本漏洞	16 Nov 202200:00	–	cnnvd
CVE	CVE-2022-45122	7 Dec 202200:00	–	cve
Cvelist	CVE-2022-45122	7 Dec 202200:00	–	cvelist
Japan Vulnerability Notes	JVN#37014768: Multiple vulnerabilities in Movable Type	16 Nov 202200:00	–	jvn
Japan Vulnerability Notes	Multiple vulnerabilities in Movable Type	16 Nov 202208:07	–	jvn
NVD	CVE-2022-45122	7 Dec 202204:15	–	nvd
OSV	CVE-2022-45122	7 Dec 202204:15	–	osv
Prion	Cross site scripting	7 Dec 202204:15	–	prion
Positive Technologies	PT-2022-27408 · Unknown · Movable Type Premium +3	7 Dec 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-45122	23 May 202500:16	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "4360ca7e-2b03-3b0c-a898-4d19777d5f57",
        "vendor": {
          "name": "Six Apart Ltd."
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "a074cb0f-5e80-31ca-aef8-a53ffd6c0f34",
        "product": {
          "name": "Movable Type"
        },
        "product_version": "Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier"
      }
    ]
  }
]

Source	Link
movabletype	www.movabletype.org/news/2022/11/mt-796-688-released.html
jvn	www.jvn.jp/en/jp/JVN37014768/index.html

03 Oct 2025 20:07Current

6.5Medium risk

Vulners AI Score6.5

CVSS 3.16.1

EPSS0.00847

SSVC