CVE-2010-3921

Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sixapart:movabletype:4.0:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.1:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.2:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.3:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.23:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.25:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.26:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.31:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.32:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.33:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.34:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:4.261:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:5.0:rc2:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:5.01:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:5.02:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:5.03:*:*:*:*:*:*:*
cpe:2.3:a:sixapart:movabletype:5.031:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-12-09 20:00

Updated : 2024-02-28 11:41


NVD link : CVE-2010-3921

Mitre link : CVE-2010-3921

CVE.ORG link : CVE-2010-3921


JSON object : View

Products Affected

sixapart

  • movabletype
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')