Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References 10 Total
- securitytracker.com: 1029588 vdb-entry
- http://movabletype.org/news/2013/11/movable_type_601_529_and_5161_released_to_close_security_vul.html
- secunia.com: 56405 third-party-advisory
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734304
- secunia.com: 56295 third-party-advisory
- debian.org: DSA-2841 vendor-advisory
- exchange.xforce.ibmcloud.com: movabletype-richtexteditor-xss(90095) vdb-entry
- seclists.org: [oss-security] 20140106 CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 mailing-list
- seclists.org: [oss-security] 20140107 Re: CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 mailing-list
- securityfocus.com: 64657 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 10 Total
- securitytracker.com: 1029588 vdb-entryx_transferred
- http://movabletype.org/news/2013/11/movable_type_601_529_and_5161_released_to_close_security_vul.html x_transferred
- secunia.com: 56405 third-party-advisoryx_transferred
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734304 x_transferred
- secunia.com: 56295 third-party-advisoryx_transferred
- debian.org: DSA-2841 vendor-advisoryx_transferred
- exchange.xforce.ibmcloud.com: movabletype-richtexteditor-xss(90095) vdb-entryx_transferred
- seclists.org: [oss-security] 20140106 CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 mailing-listx_transferred
- seclists.org: [oss-security] 20140107 Re: CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161 mailing-listx_transferred
- securityfocus.com: 64657 vdb-entryx_transferred