Movable Type' Blog < 3.34 XSS
Medium Nessus Network Monitor Plugin ID 3894
SynopsisThe remote host is vulnerable to a Cross-Site Scripting (XSS) attack.
DescriptionThe remote host is running Movable Type, a blogging software for Unix and Windows platforms. This version of Movable Type is vulnerable to a persistent Cross-Site Scripting (XSS) flaw. An attacker exploiting this flaw would post malicious code into the blog. Successful exploitation would allow an attacker to execute malicious code within a user's browser or disclose confidential data.
SolutionUpgrade to version 3.34 or higher.