CVE-2020-5576

Name of the Vulnerable Software and Affected Versions Movable Type versions prior to 7.2.1 Movable Type Advanced versions prior to 7.2.1 Movable Type for AWS versions prior to 7.2.1 Movable Type 6.5 versions prior to 6.5.3 Movable Type Advanced 6.5 versions prior to 6.5.3 Movable Type 6.3 versions prior to 6.3.11 Movable Type Advanced 6.3 versions prior to 6.3.11 Movable Type Premium versions prior to 1.29 Movable Type Premium Advanced versions prior to 1.29

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack the authentication of administrators via unspecified vectors.

Recommendations For Movable Type versions prior to 7.2.1, update to version 7.2.1 or later. For Movable Type Advanced versions prior to 7.2.1, update to version 7.2.1 or later. For Movable Type for AWS versions prior to 7.2.1, update to version 7.2.1 or later. For Movable Type 6.5 versions prior to 6.5.3, update to version 6.5.3 or later. For Movable Type Advanced 6.5 versions prior to 6.5.3, update to version 6.5.3 or later. For Movable Type 6.3 versions prior to 6.3.11, update to version 6.3.11 or later. For Movable Type Advanced 6.3 versions prior to 6.3.11, update to version 6.3.11 or later. For Movable Type Premium versions prior to 1.29, update to version 1.29 or later. For Movable Type Premium Advanced versions prior to 1.29, update to version 1.29 or later.