CVE-2026-22875

Name of the Vulnerable Software and Affected Versions Movable Type versions 7.x and 8.4.x

Description Movable Type has a stored cross-site scripting issue in the Export Sites functionality. An attacker could execute arbitrary script in a logged-in user’s web browser by storing crafted input.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.