CVE-2012-1503
Movable Type Pro 5.13 - Cross-Site Scripting via Comment Section
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2012-1503. PoCs published by sqlhacker.
AI-analyzed exploit summary This exploit demonstrates a stored XSS vulnerability in Movable Type Pro 5.13en, allowing arbitrary JavaScript injection via a crafted comment. The PoC uses a simple JavaScript alert to prove the vulnerability.
Description
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.
Exploits (1)
This exploit demonstrates a stored XSS vulnerability in Movable Type Pro 5.13en, allowing arbitrary JavaScript injection via a crafted comment. The PoC uses a simple JavaScript alert to prove the vulnerability.