CVE-2025-22888

Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in user's web browser...

CVE-2025-22888

Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in user's web browser...

PT-2025-7542 · Unknown · Movable Type

Name of the Vulnerable Software and Affected Versions: Movable Type affected versions not specified Description: Movable Type contains a stored cross-site scripting vulnerability in the custom block edit page of MT Block Editor. If exploited, an arbitrary script may be executed on a logged-in...

PHP Object Injection

intelliants/subrion is vulnerable to PHP object injection. The vulnerability exists through the serialized data in the subpages value within admin/blocks.php to block/edit...

Croogo cross-site scripting vulnerability (CNVD-2019-03591)

Croogo is a content management system CMS based on the CakePHP framework development . The system provides content type can be customized for Blog, Node, Page, content editing using WYSIWYG editor and other features. A cross-site scripting vulnerability exists in Croogo 3.0.5 and earlier versions...