2 matches found
CVE-2022-38972
CVE-2022-38972 is a cross-site scripting vulnerability in the Movable Type plugin A-Form . Affected versions are: prior to 4.1.1 for Movable Type 7 Series, and prior to 3.9.1 for Movable Type 6 Series. The flaw lets a remote, unauthenticated attacker inject arbitrary scripts into users’ browsers....
CVE-2022-38972
Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 for Movable Type 7 Series and versions prior to 3.9.1 for Movable Type 6 Series allows a remote unauthenticated attacker to inject an arbitrary script...