MidnightBSD

Advisories for movabletype

CVE-2012-0318 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to inject arbitrary web script or HTML via vectors involving templates, a different issue than CVE-2012-1262.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
movabletype movable_type_open_source 4.36
movabletype movable_type_pro 4.261
movabletype movable_type_enterprise 4.261
movabletype movable_type_advanced 4.34
movabletype movable_type_pro 4.3
movabletype movable_type_enterprise 4.34
movabletype movable_type_pro 4.0
movabletype movable_type_advanced *
movabletype movable_type_pro 5.11
movabletype movable_type_open_source 4.31
movabletype movable_type_advanced 5.02
movabletype movable_type_advanced 5.1
movabletype movable_type_enterprise 4.1
movabletype movable_type_advanced 4.35
movabletype movable_type_open_source 4.26
movabletype movable_type_enterprise 4.01
movabletype movable_type_open_source 5.12
movabletype movable_type_pro 5.051
movabletype movable_type_enterprise 5.12
movabletype movable_type_open_source 4.3
movabletype movable_type_pro 4.26
movabletype movable_type_pro 5.031
movabletype movable_type_advanced 5.03
movabletype movable_type_open_source 4.35
movabletype movable_type_open_source 5.031
movabletype movable_type_pro 4.36
movabletype movable_type_open_source 5.05
movabletype movable_type_advanced 4.01
movabletype movable_type_advanced 4.261
movabletype movable_type_pro 5.05
movabletype movable_type_enterprise 5.051
movabletype movable_type_advanced 5.04
movabletype movable_type_enterprise 5.02
movabletype movable_type_advanced 4.26
movabletype movable_type_enterprise 5.031
movabletype movable_type_advanced 5.11
movabletype movable_type_pro 4.32
movabletype movable_type_enterprise 5.04
movabletype movable_type_pro 4.33
movabletype movable_type_open_source 4.01
movabletype movable_type_advanced 4.361
movabletype movable_type_enterprise 4.361
movabletype movable_type_pro 5.02
movabletype movable_type_advanced 4.1
movabletype movable_type_advanced 4.3
movabletype movable_type_enterprise 5.05
movabletype movable_type_open_source 5.1
movabletype movable_type_enterprise 4.35
movabletype movable_type_open_source 4.0
movabletype movable_type_open_source 4.1
movabletype movable_type_enterprise 5.1
movabletype movable_type_open_source 5.11
movabletype movable_type_advanced 4.33
movabletype movable_type_enterprise 4.2
movabletype movable_type_pro 4.35
movabletype movable_type_pro 4.31
movabletype movable_type_enterprise 4.26
movabletype movable_type_enterprise 4.36
movabletype movable_type_advanced 4.23
movabletype movable_type_advanced 4.36
movabletype movable_type_advanced 5.05
movabletype movable_type_open_source 4.33
movabletype movable_type_enterprise 4.32
movabletype movable_type_pro 4.01
movabletype movable_type_pro 4.1
movabletype movable_type_advanced 5.031
movabletype movable_type_enterprise 4.3
movabletype movable_type_open_source 4.34
movabletype movable_type_enterprise 4.0
movabletype movable_type_pro 5.12
movabletype movable_type_open_source *
movabletype movable_type_pro 5.04
movabletype movable_type_advanced 5.051
movabletype movable_type_advanced 5.12
movabletype movable_type_advanced 4.25
movabletype movable_type_enterprise 5.06
movabletype movable_type_advanced 4.32
movabletype movable_type_pro 4.25
movabletype movable_type_pro 5.03
movabletype movable_type_pro 4.34
movabletype movable_type_enterprise 4.25
movabletype movable_type_open_source 4.23
movabletype movable_type_enterprise 4.23
movabletype movable_type_open_source 4.361
movabletype movable_type_enterprise 5.11
movabletype movable_type_pro 4.361
movabletype movable_type_enterprise 5.03
movabletype movable_type_open_source 5.06
movabletype movable_type_open_source 4.261
movabletype movable_type_enterprise 4.33
movabletype movable_type_pro 4.23
movabletype movable_type_advanced 4.2
movabletype movable_type_pro 4.2
movabletype movable_type_open_source 5.03
movabletype movable_type_advanced 4.31
movabletype movable_type_enterprise *
movabletype movable_type_advanced 4.0
movabletype movable_type_advanced 5.06
movabletype movable_type_open_source 4.2
movabletype movable_type_open_source 4.32
movabletype movable_type_open_source 5.02
movabletype movable_type_open_source 5.051
movabletype movable_type_open_source 5.04
movabletype movable_type_pro *
movabletype movable_type_open_source 4.25
movabletype movable_type_pro 5.06
movabletype movable_type_enterprise 4.31
movabletype movable_type_pro 5.1
CVE-2012-0319 MEDIUM

The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
movabletype movable_type_open_source 4.36
movabletype movable_type_pro 4.261
movabletype movable_type_enterprise 4.261
movabletype movable_type_advanced 4.34
movabletype movable_type_pro 4.3
movabletype movable_type_enterprise 4.34
movabletype movable_type_pro 4.0
movabletype movable_type_advanced *
movabletype movable_type_pro 5.11
movabletype movable_type_open_source 4.31
movabletype movable_type_advanced 5.02
movabletype movable_type_advanced 5.1
movabletype movable_type_enterprise 4.1
movabletype movable_type_advanced 4.35
movabletype movable_type_open_source 4.26
movabletype movable_type_enterprise 4.01
movabletype movable_type_open_source 5.12
movabletype movable_type_pro 5.051
movabletype movable_type_enterprise 5.12
movabletype movable_type_open_source 4.3
movabletype movable_type_pro 4.26
movabletype movable_type_pro 5.031
movabletype movable_type_advanced 5.03
movabletype movable_type_open_source 4.35
movabletype movable_type_open_source 5.031
movabletype movable_type_pro 4.36
movabletype movable_type_open_source 5.05
movabletype movable_type_advanced 4.01
movabletype movable_type_advanced 4.261
movabletype movable_type_pro 5.05
movabletype movable_type_enterprise 5.051
movabletype movable_type_advanced 5.04
movabletype movable_type_enterprise 5.02
movabletype movable_type_advanced 4.26
movabletype movable_type_enterprise 5.031
movabletype movable_type_advanced 5.11
movabletype movable_type_pro 4.32
movabletype movable_type_enterprise 5.04
movabletype movable_type_pro 4.33
movabletype movable_type_open_source 4.01
movabletype movable_type_advanced 4.361
movabletype movable_type_enterprise 4.361
movabletype movable_type_pro 5.02
movabletype movable_type_advanced 4.1
movabletype movable_type_advanced 4.3
movabletype movable_type_enterprise 5.05
movabletype movable_type_open_source 5.1
movabletype movable_type_enterprise 4.35
movabletype movable_type_open_source 4.0
movabletype movable_type_open_source 4.1
movabletype movable_type_enterprise 5.1
movabletype movable_type_open_source 5.11
movabletype movable_type_advanced 4.33
movabletype movable_type_enterprise 4.2
movabletype movable_type_pro 4.35
movabletype movable_type_pro 4.31
movabletype movable_type_enterprise 4.26
movabletype movable_type_enterprise 4.36
movabletype movable_type_advanced 4.23
movabletype movable_type_advanced 4.36
movabletype movable_type_advanced 5.05
movabletype movable_type_open_source 4.33
movabletype movable_type_enterprise 4.32
movabletype movable_type_pro 4.01
movabletype movable_type_pro 4.1
movabletype movable_type_advanced 5.031
movabletype movable_type_enterprise 4.3
movabletype movable_type_open_source 4.34
movabletype movable_type_enterprise 4.0
movabletype movable_type_pro 5.12
movabletype movable_type_open_source *
movabletype movable_type_pro 5.04
movabletype movable_type_advanced 5.051
movabletype movable_type_advanced 5.12
movabletype movable_type_advanced 4.25
movabletype movable_type_enterprise 5.06
movabletype movable_type_advanced 4.32
movabletype movable_type_pro 4.25
movabletype movable_type_pro 5.03
movabletype movable_type_pro 4.34
movabletype movable_type_enterprise 4.25
movabletype movable_type_open_source 4.23
movabletype movable_type_enterprise 4.23
movabletype movable_type_open_source 4.361
movabletype movable_type_enterprise 5.11
movabletype movable_type_pro 4.361
movabletype movable_type_enterprise 5.03
movabletype movable_type_open_source 5.06
movabletype movable_type_open_source 4.261
movabletype movable_type_enterprise 4.33
movabletype movable_type_pro 4.23
movabletype movable_type_advanced 4.2
movabletype movable_type_pro 4.2
movabletype movable_type_open_source 5.03
movabletype movable_type_advanced 4.31
movabletype movable_type_enterprise *
movabletype movable_type_advanced 4.0
movabletype movable_type_advanced 5.06
movabletype movable_type_open_source 4.2
movabletype movable_type_open_source 4.32
movabletype movable_type_open_source 5.02
movabletype movable_type_open_source 5.051
movabletype movable_type_open_source 5.04
movabletype movable_type_pro *
movabletype movable_type_open_source 4.25
movabletype movable_type_pro 5.06
movabletype movable_type_enterprise 4.31
movabletype movable_type_pro 5.1
CVE-2012-1262 MEDIUM

Cross-site scripting (XSS) vulnerability in cgi-bin/mt/mt-wizard.cgi in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13, when the product is incompletely installed, allows remote attackers to inject arbitrary web script or HTML via the dbuser parameter, a different vulnerability than CVE-2012-0318.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
movabletype movable_type_open_source 4.36
movabletype movable_type_pro 4.261
movabletype movable_type_enterprise 4.261
movabletype movable_type_advanced 4.34
movabletype movable_type_pro 4.3
movabletype movable_type_enterprise 4.34
movabletype movable_type_pro 4.0
movabletype movable_type_advanced *
movabletype movable_type_pro 5.11
movabletype movable_type_open_source 4.31
movabletype movable_type_advanced 5.02
movabletype movable_type_advanced 5.1
movabletype movable_type_enterprise 4.1
movabletype movable_type_advanced 4.35
movabletype movable_type_open_source 4.26
movabletype movable_type_enterprise 4.01
movabletype movable_type_open_source 5.12
movabletype movable_type_pro 5.051
movabletype movable_type_enterprise 5.12
movabletype movable_type_open_source 4.3
movabletype movable_type_pro 4.26
movabletype movable_type_pro 5.031
movabletype movable_type_advanced 5.03
movabletype movable_type_open_source 4.35
movabletype movable_type_open_source 5.031
movabletype movable_type_pro 4.36
movabletype movable_type_open_source 5.05
movabletype movable_type_advanced 4.01
movabletype movable_type_advanced 4.261
movabletype movable_type_pro 5.05
movabletype movable_type_enterprise 5.051
movabletype movable_type_advanced 5.04
movabletype movable_type_enterprise 5.02
movabletype movable_type_advanced 4.26
movabletype movable_type_enterprise 5.031
movabletype movable_type_advanced 5.11
movabletype movable_type_pro 4.32
movabletype movable_type_enterprise 5.04
movabletype movable_type_pro 4.33
movabletype movable_type_open_source 4.01
movabletype movable_type_advanced 4.361
movabletype movable_type_enterprise 4.361
movabletype movable_type_pro 5.02
movabletype movable_type_advanced 4.1
movabletype movable_type_advanced 4.3
movabletype movable_type_enterprise 5.05
movabletype movable_type_open_source 5.1
movabletype movable_type_enterprise 4.35
movabletype movable_type_open_source 4.0
movabletype movable_type_open_source 4.1
movabletype movable_type_enterprise 5.1
movabletype movable_type_open_source 5.11
movabletype movable_type_advanced 4.33
movabletype movable_type_enterprise 4.2
movabletype movable_type_pro 4.35
movabletype movable_type_pro 4.31
movabletype movable_type_enterprise 4.26
movabletype movable_type_enterprise 4.36
movabletype movable_type_advanced 4.23
movabletype movable_type_advanced 4.36
movabletype movable_type_advanced 5.05
movabletype movable_type_open_source 4.33
movabletype movable_type_enterprise 4.32
movabletype movable_type_pro 4.01
movabletype movable_type_pro 4.1
movabletype movable_type_advanced 5.031
movabletype movable_type_enterprise 4.3
movabletype movable_type_open_source 4.34
movabletype movable_type_enterprise 4.0
movabletype movable_type_pro 5.12
movabletype movable_type_open_source *
movabletype movable_type_pro 5.04
movabletype movable_type_advanced 5.051
movabletype movable_type_advanced 5.12
movabletype movable_type_advanced 4.25
movabletype movable_type_enterprise 5.06
movabletype movable_type_advanced 4.32
movabletype movable_type_pro 4.25
movabletype movable_type_pro 5.03
movabletype movable_type_pro 4.34
movabletype movable_type_enterprise 4.25
movabletype movable_type_open_source 4.23
movabletype movable_type_enterprise 4.23
movabletype movable_type_open_source 4.361
movabletype movable_type_enterprise 5.11
movabletype movable_type_pro 4.361
movabletype movable_type_enterprise 5.03
movabletype movable_type_open_source 5.06
movabletype movable_type_open_source 4.261
movabletype movable_type_enterprise 4.33
movabletype movable_type_pro 4.23
movabletype movable_type_advanced 4.2
movabletype movable_type_pro 4.2
movabletype movable_type_open_source 5.03
movabletype movable_type_advanced 4.31
movabletype movable_type_enterprise *
movabletype movable_type_advanced 4.0
movabletype movable_type_advanced 5.06
movabletype movable_type_open_source 4.2
movabletype movable_type_open_source 4.32
movabletype movable_type_open_source 5.02
movabletype movable_type_open_source 5.051
movabletype movable_type_open_source 5.04
movabletype movable_type_pro *
movabletype movable_type_open_source 4.25
movabletype movable_type_pro 5.06
movabletype movable_type_enterprise 4.31
movabletype movable_type_pro 5.1
CVE-2012-1497 MEDIUM

The default configuration of Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 supports the "mt:Include file=" attribute, which allows remote authenticated users to conduct directory traversal attacks and read arbitrary files by leveraging the template-designer role.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
movabletype movable_type_open_source 4.36
movabletype movable_type_pro 4.261
movabletype movable_type_enterprise 4.261
movabletype movable_type_advanced 4.34
movabletype movable_type_pro 4.3
movabletype movable_type_enterprise 4.34
movabletype movable_type_pro 4.0
movabletype movable_type_advanced *
movabletype movable_type_pro 5.11
movabletype movable_type_open_source 4.31
movabletype movable_type_advanced 5.02
movabletype movable_type_advanced 5.1
movabletype movable_type_enterprise 4.1
movabletype movable_type_advanced 4.35
movabletype movable_type_open_source 4.26
movabletype movable_type_enterprise 4.01
movabletype movable_type_open_source 5.12
movabletype movable_type_pro 5.051
movabletype movable_type_enterprise 5.12
movabletype movable_type_open_source 4.3
movabletype movable_type_pro 4.26
movabletype movable_type_pro 5.031
movabletype movable_type_advanced 5.03
movabletype movable_type_open_source 4.35
movabletype movable_type_open_source 5.031
movabletype movable_type_pro 4.36
movabletype movable_type_open_source 5.05
movabletype movable_type_advanced 4.01
movabletype movable_type_advanced 4.261
movabletype movable_type_pro 5.05
movabletype movable_type_enterprise 5.051
movabletype movable_type_advanced 5.04
movabletype movable_type_enterprise 5.02
movabletype movable_type_advanced 4.26
movabletype movable_type_enterprise 5.031
movabletype movable_type_advanced 5.11
movabletype movable_type_pro 4.32
movabletype movable_type_enterprise 5.04
movabletype movable_type_pro 4.33
movabletype movable_type_open_source 4.01
movabletype movable_type_advanced 4.361
movabletype movable_type_enterprise 4.361
movabletype movable_type_pro 5.02
movabletype movable_type_advanced 4.1
movabletype movable_type_advanced 4.3
movabletype movable_type_enterprise 5.05
movabletype movable_type_open_source 5.1
movabletype movable_type_enterprise 4.35
movabletype movable_type_open_source 4.0
movabletype movable_type_open_source 4.1
movabletype movable_type_enterprise 5.1
movabletype movable_type_open_source 5.11
movabletype movable_type_advanced 4.33
movabletype movable_type_enterprise 4.2
movabletype movable_type_pro 4.35
movabletype movable_type_pro 4.31
movabletype movable_type_enterprise 4.26
movabletype movable_type_enterprise 4.36
movabletype movable_type_advanced 4.23
movabletype movable_type_advanced 4.36
movabletype movable_type_advanced 5.05
movabletype movable_type_open_source 4.33
movabletype movable_type_enterprise 4.32
movabletype movable_type_pro 4.01
movabletype movable_type_pro 4.1
movabletype movable_type_advanced 5.031
movabletype movable_type_enterprise 4.3
movabletype movable_type_open_source 4.34
movabletype movable_type_enterprise 4.0
movabletype movable_type_pro 5.12
movabletype movable_type_open_source *
movabletype movable_type_pro 5.04
movabletype movable_type_advanced 5.051
movabletype movable_type_advanced 5.12
movabletype movable_type_advanced 4.25
movabletype movable_type_enterprise 5.06
movabletype movable_type_advanced 4.32
movabletype movable_type_pro 4.25
movabletype movable_type_pro 5.03
movabletype movable_type_pro 4.34
movabletype movable_type_enterprise 4.25
movabletype movable_type_open_source 4.23
movabletype movable_type_enterprise 4.23
movabletype movable_type_open_source 4.361
movabletype movable_type_enterprise 5.11
movabletype movable_type_pro 4.361
movabletype movable_type_enterprise 5.03
movabletype movable_type_open_source 5.06
movabletype movable_type_open_source 4.261
movabletype movable_type_enterprise 4.33
movabletype movable_type_pro 4.23
movabletype movable_type_advanced 4.2
movabletype movable_type_pro 4.2
movabletype movable_type_open_source 5.03
movabletype movable_type_advanced 4.31
movabletype movable_type_enterprise *
movabletype movable_type_advanced 4.0
movabletype movable_type_advanced 5.06
movabletype movable_type_open_source 4.2
movabletype movable_type_open_source 4.32
movabletype movable_type_open_source 5.02
movabletype movable_type_open_source 5.051
movabletype movable_type_open_source 5.04
movabletype movable_type_pro *
movabletype movable_type_open_source 4.25
movabletype movable_type_pro 5.06
movabletype movable_type_enterprise 4.31
movabletype movable_type_pro 5.1
CVE-2021-20663 MEDIUM

Cross-site scripting vulnerability in in Role authority setting screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
movabletype movable_type_premium *
movabletype movable_type_advanced *
movabletype movable_type *
movabletype movable_type_premium_advanced *
CVE-2021-20664 MEDIUM

Cross-site scripting vulnerability in in Asset registration screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
movabletype movable_type_premium *
movabletype movable_type_advanced *
movabletype movable_type *
movabletype movable_type_premium_advanced *
CVE-2021-20665 MEDIUM

Cross-site scripting vulnerability in in Add asset screen of Contents field of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
movabletype movable_type_premium *
movabletype movable_type_advanced *
movabletype movable_type *
movabletype movable_type_premium_advanced *