4 matches found
CVE-2025-54856
Movable Type is affected by a stored XSS in Edit ContentData (CVE-2025-54856). Exploitation requires input stored by a user with ContentType Management privileges, leading to script execution in the browser of users who access the Edit ContentData page. The issue is confirmed in multiple advisori...
EUVD-2025-35656
Movable Type contains a stored cross-site scripting vulnerability in Edit ContentData page. If crafted input is stored by an attacker with "ContentType Management" privilege, an arbitrary script may be executed on the web browser of the user who accesses Edit ContentData page...
CVE-2025-54856
Movable Type contains a stored cross-site scripting vulnerability in Edit ContentData page. If crafted input is stored by an attacker with "ContentType Management" privilege, an arbitrary script may be executed on the web browser of the user who accesses Edit ContentData page...
Six Apart Movable Type 跨站脚本漏洞
Six Apart Movable Type is an application from Six Apart USA. Six Apart Movable Type is an application from Six Apart, Inc. that provides features such as multiple users, comments, references TrackBack, topics, and more. A cross-site scripting vulnerability exists in Six Apart Movable Type, which...