5 matches found
EUVD-2012-0354
Malware in sbrugna...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to inject arbitrary web script or HTML via vectors involving templates, a different issue than CVE-2012-1262...
CVE-2012-1262
Cross-site scripting XSS vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability th...
CVE-2012-1262
CVE-2012-1262 is a cross-site scripting (XSS) vulnerability in Movable Type’s cgi-bin/mt/mt-wizard.cgi. It affects Movable Type releases prior to 4.38, 5.0x prior to 5.07, and 5.1x prior to 5.13 when the product is incompletely installed. The issue allows remote attackers to inject arbitrary web ...
Movable Type Publishing Platform Cross Site Scripting
Trustwave's SpiderLabs Security Advisory TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform https://www.trustwave.com/spiderlabs/advisories/TWSL2012-003.txt Published: 2012-02-24 Version: 1.0 Vendor: Six Apart http://movabletype.org/ Product: Movable Type Version...