JVN#37014768: Multiple vulnerabilities in Movable Type

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below.

Improper Validation of Syntactic Correctness of Input (CWE-1286) - CVE-2022-45113

Cross-site Scripting (CWE-79) - CVE-2022-45122

Improper Neutralization of Server-Side Includes (SSI) Within a Web Page (CWE-97) - CVE-2022-43660

Impact

• Having a user to access a specially crafted URL may allow a remote attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack - CVE-2022-45113
• An arbitrary script may be executed on the web browser of the user who is accessing the site using the product - CVE-2022-45122
• A remote authenticated attacker with the Privilege of “Manage of Content Types” may execute an arbitrary Perl script and/or an arbitrary OS command - CVE-2022-43660

Solution

Update the Software
Apply the appropriate update according to the information provided by the developer.
The developer has released the following updates that contain fixes for these vulnerabilities:

• Movable Type 7 r.5401 (Movable Type 7 Series)
• Movable Type Advanced 7 r.5401 (Movable Type Advanced 7 Series)
• Movable Type 6.8.8 (Movable Type 6 Series)
• Movable Type Advanced 6.8.8 (Movable Type Advanced 6 Series)
• Movable Type Premium 1.54
• Movable Type Premium Advanced 1.54

Products Affected

CVE-2022-45113、CVE-2022-45122

• Movable Type 7 r.5301 and earlier (Movable Type 7 Series)

• Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series)

• Movable Type 6.8.7 and earlier (Movable Type 6 Series)

• Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series)

• Movable Type Premium 1.53 and earlier

• Movable Type Premium Advanced 1.53 and earlier
  CVE-2022-43660

• Movable Type 7 r.5301 and earlier (Movable Type 7 Series)

• Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series)

• Movable Type Premium 1.53 and earlier

• Movable Type Premium Advanced 1.53 and earlier