Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a specially crafted URL may allow a remote unauthenticated attacker to set a specially crafted URL to the Reset Password page and conduct a phishing attack. Affected products/versions are as follows: Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.5301 and earlier (Movable Type Advanced 7 Series), Movable Type 6.8.7 and earlier (Movable Type 6 Series), Movable Type Advanced 6.8.7 and earlier (Movable Type Advanced 6 Series), Movable Type Premium 1.53 and earlier, and Movable Type Premium Advanced 1.53 and earlier.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Six Apart Movable Type 输入验证错误漏洞
Vulnerability Description
Six Apart Movable Type是美国Six Apart公司的一个应用系统。提供包含多用户,评论,引用(TrackBack),主题等功能。 Six Apart Movable Type 存在安全漏洞,该漏洞源于输入句法正确性验证不当,攻击者利用该漏洞可以将特制 URL 设置到重置密码页面并进行网络钓鱼攻击,以下产品和版本受到影响:Movable Type Movable Type 7 r.5301 及之前版本(Movable Type 7 系列)、Movable Type Movable Ty
CVSS Information
N/A
Vulnerability Type
N/A