CVE-2008-4079

Name of the Vulnerable Software and Affected Versions Movable Type versions 3.36 and earlier Movable Type versions 4.x through 4.20 Movable Type Enterprise versions 1.54 and earlier Movable Type Enterprise versions 4.x through 4.20 Movable Type Community Solution (affected versions not specified)

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Recommendations For Movable Type versions 3.36 and earlier, update to a version later than 3.36. For Movable Type versions 4.x through 4.20, update to a version later than 4.20. For Movable Type Enterprise versions 1.54 and earlier, update to a version later than 1.54. For Movable Type Enterprise versions 4.x through 4.20, update to a version later than 4.20. For Movable Type Community Solution, at the moment, there is no information about a newer version that contains a fix for this issue.