Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4079

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4079
Last Modified 15 Sep 2008 12:00:00
Published 15 Sep 2008 11:14:07
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4079

Summary

Cross-site scripting (XSS) vulnerability in Movable Type (MT) 4.x through 4.20, and 3.36 and earlier; Movable Type Enterprise 4.x through 4.20, and 1.54 and earlier; and Movable Type Community Solution allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Vulnerable Systems

Application

  • Six Apart Movable Type 1.54

  • Six Apart Movable Type 3.36

  • Six Apart Movable Type 4

  • Six Apart Movable Type 4.20

  • Six Apart Movable Type Unknown


References

CONFIRM - http://www.sixapart.jp/movabletype/news/2008/08/28-1500.html

CONFIRM - http://www.sixapart.jp/movabletype/news/2008/08/07-1445.html

BID - 31073

JVN - JVN#30385652


Last Updated: 27 May 2016 10:48:22