PT-2006-5818 · Six Apart · Movable Type+1

Publicado

2006-09-29

Atualizado

2017-07-20

CVE-2006-5080

CVSS v2.0

4.3

Média

Vetor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Movable Type versions 3.3 through 3.32 Movable Type Enterprise versions 1.01 through 1.02

Description A cross-site scripting (XSS) issue exists in the search function, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For Movable Type versions 3.3 through 3.32, update to a version that fixes the XSS vulnerability in the search function. For Movable Type Enterprise versions 1.01 through 1.02, update to a version that fixes the XSS vulnerability in the search function.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2006-5080

Produtos afetados

Movable Type

Movable Type Enterprise

PT-2006-5818 · Six Apart · Movable Type+1

CVE-2006-5080

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 9