CVE-2011-5084

Sixapart Movable Type - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References (2)

[Patch, Vendor Advisory] http://www.movabletype.org/2011/05/movable_type_51_and_505_436_security_update.html

[Third Party Advisory] http://www.debian.org/security/2012/dsa-2423

Scores

EPSS 0.0026

EPSS Percentile 49.4%

Classification

CWE

CWE-79

Status published

Affected Products (50)

sixapart/movable_type

... and 35 more

Timeline

Published Apr 02, 2012

Tracked Since Feb 18, 2026