Vulnerabilities > Sixapart > Movabletype > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-01-10 | CVE-2014-0977 | Cross-Site Scripting vulnerability in Sixapart Movabletype Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2011-11-03 | CVE-2011-4274 | Cross-Site Scripting vulnerability in Ark-Web A-Form PC and A-Form PC Mobile Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676. | 4.3 |
| 2010-12-09 | CVE-2010-3921 | Cross-Site Scripting vulnerability in Sixapart Movabletype Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |