Описание
Movable Type contains a stored cross-site scripting vulnerability in Edit CategorySet of ContentType page. If crafted input is stored by an attacker with "ContentType Management" privilege, an arbitrary script may be executed on the web browser of the user who accesses Edit CategorySet of ContentType page.
EPSS
Процентиль: 11%
0.00039
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
debian
4 месяца назад
Movable Type contains a stored cross-site scripting vulnerability in E ...
CVSS3: 4.8
github
4 месяца назад
Movable Type contains a stored cross-site scripting vulnerability in Edit CategorySet of ContentType page. If crafted input is stored by an attacker with "ContentType Management" privilege, an arbitrary script may be executed on the web browser of the user who accesses Edit CategorySet of ContentType page.
EPSS
Процентиль: 11%
0.00039
Низкий
4.8 Medium
CVSS3
Дефекты
CWE-79