Description
Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow an attacker to execute arbitrary Perl script.
CVSS breakdown
CVSS 4.0
Attack Vector
Network
Attack Complexity
Low
Attack Requirements
None
Privileges Required
None
User Interaction
None
Confidentiality (Vulnerable System)
High
Integrity (Vulnerable System)
High
Availability (Vulnerable System)
High
Confidentiality (Subsequent System)
None
Integrity (Subsequent System)
None
Availability (Subsequent System)
None
CVSS 3.0
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Six Apart Ltd. / Movable Type9.1.0 and earlier – 9.1.0 and earlier
- Six Apart Ltd. / Movable Type9.0.6 and earlier – 9.0.6 and earlier
- Six Apart Ltd. / Movable Type8.8.2 and earlier – 8.8.2 and earlier
- Six Apart Ltd. / Movable Type8.0.9 and earlier – 8.0.9 and earlier
- Six Apart Ltd. / Movable Type5.1 to 5.18 – 5.1 to 5.18
- Six Apart Ltd. / Movable Type5.2 – 5.2
- Six Apart Ltd. / Movable Type5.2.1 to 5.2.13 – 5.2.1 to 5.2.13
- Six Apart Ltd. / Movable Type6.0 – 6.0
- Six Apart Ltd. / Movable Type6.0.1 to 6.8.8 – 6.0.1 to 6.8.8
- Six Apart Ltd. / Movable Type7 r.4207 to r.5510 – 7 r.4207 to r.5510
- Six Apart Ltd. / Movable Type8.4.0 to 8.4.4 – 8.4.0 to 8.4.4
- Six Apart Ltd. / Movable Type1.0 to 1.68 – 1.0 to 1.68
- Six Apart Ltd. / Movable Type Advanced9.0.6 and earlier – 9.0.6 and earlier
- Six Apart Ltd. / Movable Type Advanced8.0.9 and earlier – 8.0.9 and earlier
- Six Apart Ltd. / Movable Type Advanced8.8.2 and earlier – 8.8.2 and earlier
- Six Apart Ltd. / Movable Type Advanced9.1.0 and earlier – 9.1.0 and earlier
- Six Apart Ltd. / Movable Type Premium2.14 and earlier – 2.14 and earlier
- Six Apart Ltd. / Movable Type Premium9.1.0 and earlier – 9.1.0 and earlier
- Six Apart Ltd. / Movable Type Premium9.0.6 and earlier – 9.0.6 and earlier
- Six Apart Ltd. / Movable Type Premium (Advanced Edition)9.1.0 and earlier – 9.1.0 and earlier
- Six Apart Ltd. / Movable Type Premium (Advanced Edition)9.0.6 and earlier – 9.0.6 and earlier
- Six Apart Ltd. / Movable Type Premium (Advanced Edition)2.14 and earlier – 2.14 and earlier
- Six Apart Ltd. / Movable Type Premium (MT8-based)2.14 and earlier – 2.14 and earlier