icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Movable Type' Blog < 3.34 XSS

Medium

Synopsis

The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.

Description

The remote host is running Movable Type, a blogging software for Unix and Windows platforms. This version of Movable Type is vulnerable to a persistent Cross-Site Scripting (XSS) flaw. An attacker exploiting this flaw would post malicious code into the blog. Successful exploitation would allow an attacker to execute malicious code within a user's browser or disclose confidential data.

Solution

Upgrade to version 3.34 or higher.