Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow remote attackers to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAuthorDisplayName, (3) MTEntryAuthorDisplayName, or (4) MTCommenterName field in a Profile View template; a (5) listing screen or (6) edit screen in the CMS app; (7) a TrackBack title, related to the HTML sanitization library; or (8) a user archive name (aka archive title) on a published Community Blog template.
2009-01-05T20:30:02.327
2025-04-09T00:30:58.490
Deferred
CVSSv2: 4.3 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | sixapart | movable_type | ≤ 4.21 | Yes |
| Application | sixapart | movable_type | 3.0d | Yes |
| Application | sixapart | movable_type | 3.1 | Yes |
| Application | sixapart | movable_type | 3.01d | Yes |
| Application | sixapart | movable_type | 3.2 | Yes |
| Application | sixapart | movable_type | 3.3 | Yes |
| Application | sixapart | movable_type | 3.11 | Yes |
| Application | sixapart | movable_type | 3.12 | Yes |
| Application | sixapart | movable_type | 3.14 | Yes |
| Application | sixapart | movable_type | 3.15 | Yes |
| Application | sixapart | movable_type | 3.16 | Yes |
| Application | sixapart | movable_type | 3.17 | Yes |
| Application | sixapart | movable_type | 3.32 | Yes |
| Application | sixapart | movable_type | 3.33 | Yes |
| Application | sixapart | movable_type | 3.34 | Yes |
| Application | sixapart | movable_type | 3.35 | Yes |
| Application | sixapart | movable_type | 4.2 | Yes |