Taichi Kaminogoya

**Name of the Vulnerable Software and Affected Versions** Movable Type Enterprise (MTE) versions 1.x through 1.55 Movable Type (MT) versions 3.x through 3.37 Movable Type, Movable Type Open Source (MTOS), and Movable Type Enterprise versions 4.x through 4.22 **Description** A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to application management. **Recommendations** For Movable Type Enterprise (MTE) versions 1.x through 1.55, update to version 1.56 or later. For Movable Type (MT) versions 3.x through 3.37, update to version 3.38 or later. For Movable Type, Movable Type Open Source (MTOS), and Movable Type Enterprise versions 4.x through 4.22, update to version 4.23 or later.