Movable Type < 4.26 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5088
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe remote host is running Movable Type, a blogging software for Unix and Windows platforms. The installed version is earlier than 4.26. Such versions are reportedly affected by multiple vulnerabilities :
- An unspecified cross-site scripting vulnerability.
- A security-bypass issue in the 'mt-wizard.cgi' script.
SolutionUpgrade to Movable Type 4.26 or later.