CVE-2005-3103

Cross-site scripting (XSS) vulnerability in Movable Type before 3.2 allows remote attackers to inject arbitrary web script or HTML via the (1) title, (2) category, (3) body, (4) extended body, and (5) excerpt form fields in new blog entries.

Published: Sep 29, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-3103
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
six_apart / movable_type	3.16	3.16.x

http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0091.html
http://secunia.com/advisories/16899

Vulnerability Database

290,922

CVE-2005-3103