Hidetomo Hosono

**Name of the Vulnerable Software and Affected Versions** PowerCMS versions 5.12 and earlier PowerCMS versions 4.42 and earlier PowerCMS versions 3.293 and earlier **Description** The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. This can lead to phishing attacks. **Recommendations** For PowerCMS versions 5.12 and earlier, update to a version later than 5.12. For PowerCMS versions 4.42 and earlier, update to a version later than 4.42. For PowerCMS versions 3.293 and earlier, update to a version later than 3.293.

**Name of the Vulnerable Software and Affected Versions** Movable Type versions 7.1.3 and earlier Movable Type 6.5.0 and 6.5.1 Movable Type versions 6.3.9 and earlier Movable Type Advanced versions 7.1.3 and earlier Movable Type Advanced 6.5.0 and 6.5.1 Movable Type Advanced versions 6.3.9 and earlier Movable Type Premium versions 1.24 and earlier Movable Type Premium (Advanced Edition) versions 1.24 and earlier **Description** The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. This can lead to unauthorized access and potential security breaches. **Recommendations** For Movable Type versions 7.1.3 and earlier, update to a version later than 7.1.3. For Movable Type 6.5.0 and 6.5.1, update to a version later than 6.5.1. For Movable Type versions 6.3.9 and earlier, update to a version later than 6.3.9. For Movable Type Advanced versions 7.1.3 and earlier, update to a version later than 7.1.3. For Movable Type Advanced 6.5.0 and 6.5.1, update to a version later than 6.5.1. For Movable Type Advanced versions 6.3.9 and earlier, update to a version later than 6.3.9. For Movable Type Premium versions 1.24 and earlier, update to a version later than 1.24. For Movable Type Premium (Advanced Edition) versions 1.24 and earlier, update to a version later than 1.24.