CVE-2025-25054

Name of the Vulnerable Software and Affected Versions Movable Type (affected versions not specified)

Description Movable Type contains a reflected cross-site scripting issue in the user information edit page. When the Multi-Factor authentication plugin is enabled and a user accesses a crafted page while logged in, an arbitrary script may be executed on the user's web browser.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.