Movable Type@5.0 Security Vulnerabilities and Issues — Movable Type@5.0 CVE List

Lucene search

SixapartMovable Type5.0

5 matches found

CVE•added 2012/03/03 4:4 a.m.•50 views

CVE-2012-0320

Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script.

7.5CVSS6.9AI score0.01207EPSS

CVE•added 2012/03/03 4:4 a.m.•43 views

CVE-2012-0317

Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script.

6.8CVSS7.4AI score0.00295EPSS

CVE•added 2012/04/02 6:55 p.m.•42 views

CVE-2011-5085

Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors.

7.5CVSS6.6AI score0.0046EPSS

CVE•added 2012/04/02 6:55 p.m.•37 views

CVE-2011-5084

Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00263EPSS

CVE•added 2010/05/19 10:30 p.m.•33 views

CVE-2010-1985

Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors.

4.3CVSS5.8AI score0.00516EPSS