CVE-2012-0318

Name of the Vulnerable Software and Affected Versions Movable Type versions prior to 4.38 Movable Type versions 5.0x prior to 5.07 Movable Type versions 5.1x prior to 5.13

Description The issue involves multiple cross-site scripting (XSS) vulnerabilities that allow remote attackers to inject arbitrary web script or HTML. This is achieved through vectors involving templates.

Recommendations For Movable Type versions prior to 4.38, update to version 4.38 or later. For Movable Type versions 5.0x prior to 5.07, update to version 5.07 or later. For Movable Type versions 5.1x prior to 5.13, update to version 5.13 or later.