Unknown · Movable Type · CVE-2025-25054
**Name of the Vulnerable Software and Affected Versions**
Movable Type (affected versions not specified)
**Description**
Movable Type contains a reflected cross-site scripting issue in the user information edit page. When the Multi-Factor authentication plugin is enabled and a user accesses a crafted page while logged in, an arbitrary script may be executed on the user's web browser.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.