3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
39.9%
Movable Type contains an issue in processing the management page, which may result in a cross-site scripting vulnerability.
An arbitrary script may be executed or a false form may be displayed on the administrator’s web browser.
Update the software
Update to the latest version according to the information provided by the developer.
According to the developer, this vulnerability was addressed in Movable Type 5.2.