CVE-2019-6025

Name of the Vulnerable Software and Affected Versions Movable Type versions 7.1.3 and earlier Movable Type 6.5.0 and 6.5.1 Movable Type versions 6.3.9 and earlier Movable Type Advanced versions 7.1.3 and earlier Movable Type Advanced 6.5.0 and 6.5.1 Movable Type Advanced versions 6.3.9 and earlier Movable Type Premium versions 1.24 and earlier Movable Type Premium (Advanced Edition) versions 1.24 and earlier

Description The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL. This can lead to unauthorized access and potential security breaches.

Recommendations For Movable Type versions 7.1.3 and earlier, update to a version later than 7.1.3. For Movable Type 6.5.0 and 6.5.1, update to a version later than 6.5.1. For Movable Type versions 6.3.9 and earlier, update to a version later than 6.3.9. For Movable Type Advanced versions 7.1.3 and earlier, update to a version later than 7.1.3. For Movable Type Advanced 6.5.0 and 6.5.1, update to a version later than 6.5.1. For Movable Type Advanced versions 6.3.9 and earlier, update to a version later than 6.3.9. For Movable Type Premium versions 1.24 and earlier, update to a version later than 1.24. For Movable Type Premium (Advanced Edition) versions 1.24 and earlier, update to a version later than 1.24.