Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Movable Type' Blog < 3.34 XSS

Medium

Synopsis

The remote host is vulnerable to a Cross-Site Scripting (XSS) attack.

Description

The remote host is running Movable Type, a blogging software for Unix and Windows platforms. This version of Movable Type is vulnerable to a persistent Cross-Site Scripting (XSS) flaw. An attacker exploiting this flaw would post malicious code into the blog. Successful exploitation would allow an attacker to execute malicious code within a user's browser or disclose confidential data.

Solution

Upgrade to version 3.34 or higher.