2 matches found
CVE-2022-38972
CVE-2022-38972 is a cross-site scripting vulnerability in the Movable Type plugin A-Form . Affected versions are: prior to 4.1.1 for Movable Type 7 Series, and prior to 3.9.1 for Movable Type 6 Series. The flaw lets a remote, unauthenticated attacker inject arbitrary scripts into users’ browsers....
CVE-2011-2676
The CVE-2011-2676 issue concerns the A-Form family of Movable Type plug-ins (A-Form bamboo <1.3.6 and 2.x <2.0.3; A-Form PC/PC-Mobile