Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in Six Apart Movable Type (MT) before 4.23 allow remote attackers to inject arbitrary web script or HTML via a (1) MTEntryAuthorUsername, (2) MTAuthorDisplayName, (3) MTEntryAuthorDisplayName, or (4) MTCommenterName field in a Profile View template; a (5) listing screen or (6) edit screen in the CMS app; (7) a TrackBack title, related to the HTML sanitization library; or (8) a user archive name (aka archive title) on a published Community Blog template.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Sixapart Movable Type跨站脚本攻击漏洞
Vulnerability Description
Movable Type,简称MT,是由位于美国加州的Six Apart公司推出的网志(blog)发布系统。 Six Apart Movable Type (MT) 4.23之前的版本中存在多个跨站脚本攻击漏洞。远程攻击者可以借助剖面查看模板中的(1)MTEntryAuthorUsername(2) MTAuthorDisplayName(3)MTEntryAuthorDisplayName(4)MTCommenterName字段(5)CMS app中的列表屏幕(6)CMS app中的编辑屏幕(7)与HT
CVSS Information
N/A
Vulnerability Type
N/A