Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Movable Type Premium Advanced 1.37 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.
References
Link | Resource |
---|---|
https://jvn.jp/en/jp/JVN94245475/index.html | Third Party Advisory |
https://www.sixapart.jp/movabletype/news/2020/11/18-1101.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: jpcert
Published: 2021-10-26T10:10:10
Updated: 2021-10-26T10:10:10
Reserved: 2020-01-06T00:00:00
Link: CVE-2020-5669
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-10-26T11:15:07.550
Modified: 2021-10-29T14:49:43.837
Link: CVE-2020-5669
JSON object: View
Redhat Information
No data.
CWE