Vulnerabilities > Sixapart > Movable Type > 1.37
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-26 | CVE-2021-20811 | Cross-site Scripting vulnerability in Sixapart Movable Type Cross-site scripting vulnerability in List of Assets screen of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type 6.8.0 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.44 and earlier, and Movable Type Premium Advanced 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors. | 6.1 |
| 2021-08-26 | CVE-2021-20812 | Cross-site Scripting vulnerability in Sixapart Movable Type Cross-site scripting vulnerability in Setting screen of Server Sync of Movable Type (Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series) and Movable Type Premium Advanced 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors. | 6.1 |
| 2021-08-26 | CVE-2021-20814 | Cross-site Scripting vulnerability in Sixapart Movable Type Cross-site scripting vulnerability in Setting screen of ContentType Information Widget Plugin of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series), and Movable Type Premium 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors. | 6.1 |
| 2021-08-26 | CVE-2021-20815 | Cross-site Scripting vulnerability in Sixapart Movable Type Cross-site scripting vulnerability in Edit Boilerplate screen of Movable Type (Movable Type 7 r.4903 and earlier (Movable Type 7 Series), Movable Type 6.8.0 and earlier (Movable Type 6 Series), Movable Type Advanced 7 r.4903 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.44 and earlier, and Movable Type Premium Advanced 1.44 and earlier) allows remote attackers to inject arbitrary script or HTML via unspecified vectors. | 6.1 |
| 2018-09-04 | CVE-2018-0672 | Cross-site Scripting vulnerability in Sixapart Movable Type Cross-site scripting vulnerability in Movable Type versions prior to Ver. | 6.1 |