Vulnerability Database

290,922

Total vulnerabilities in the database

CVE-2012-0317

Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script.

  • Published: Mar 3, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-0317
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
sixapart / movable_type 5.051 5.051.x
sixapart / movable_type 5.11 5.11.x
sixapart / movable_type 4.291 4.291.x
sixapart / movable_type 5.04 5.04.x
sixapart / movable_type - 4.37.x
sixapart / movable_type 4.36 4.36.x
sixapart / movable_type 5.01 5.01.x
sixapart / movable_type 4.292 4.292.x
sixapart / movable_type 4.361 4.361.x
sixapart / movable_type 5.0 5.0.x
sixapart / movable_type 5.05 5.05.x
sixapart / movable_type 4.29 4.29.x
sixapart / movable_type 5.1 5.1.x
sixapart / movable_type 4.28 4.28.x
sixapart / movable_type 5.06 5.06.x
sixapart / movable_type 5.12 5.12.x
sixapart / movable_type 5.02 5.02.x
sixapart / movable_type - 4.292.x
sixapart / movable_type 4.0 4.0.x
sixapart / movable_type 4.1-beta2 4.1-beta2.x
sixapart / movable_type 4.24 4.24.x
sixapart / movable_type 4.1-beta 4.1-beta.x
sixapart / movable_type 4.2-rc5 4.2-rc5.x
sixapart / movable_type 5.031 5.031.x
sixapart / movable_type 5.07 5.07.x
sixapart / movable_type 4.0-beta6 4.0-beta6.x
sixapart / movable_type 5.03 5.03.x
sixapart / movable_type 4.23 4.23.x
sixapart / movable_type 4.0-rc2 4.0-rc2.x
sixapart / movable_type 4.261 4.261.x
sixapart / movable_type 5.0-beta1 5.0-beta1.x
sixapart / movable_type 4.0-beta4 4.0-beta4.x
sixapart / movable_type 4.35 4.35.x
sixapart / movable_type 4.26 4.26.x
sixapart / movable_type 4.37 4.37.x
sixapart / movable_type 4.15-beta4 4.15-beta4.x
sixapart / movable_type 5.0-rc1 5.0-rc1.x
sixapart / movable_type 4.0-beta5 4.0-beta5.x
sixapart / movable_type 4.0-beta7 4.0-beta7.x
sixapart / movable_type 4.0-rc1 4.0-rc1.x
sixapart / movable_type 5.0-beta4 5.0-beta4.x
sixapart / movable_type 4.0-beta 4.0-beta.x
sixapart / movable_type 4.12 4.12.x
sixapart / movable_type 4.2 4.2.x
sixapart / movable_type 5.0-rc3 5.0-rc3.x
sixapart / movable_type 5.0-rc2 5.0-rc2.x
sixapart / movable_type 4.0-rc3 4.0-rc3.x
sixapart / movable_type 4.2-rc4 4.2-rc4.x
sixapart / movable_type 4.27 4.27.x
sixapart / movable_type 5.1-beta 5.1-beta.x
sixapart / movable_type 4.15-beta3 4.15-beta3.x
sixapart / movable_type 4.25 4.25.x
sixapart / movable_type 5.1-rc1 5.1-rc1.x
sixapart / movable_type 4.2-rc2 4.2-rc2.x
sixapart / movable_type 4.0-beta3 4.0-beta3.x
sixapart / movable_type 4.15-beta1 4.15-beta1.x
sixapart / movable_type 4.22 4.22.x
sixapart / movable_type 4.1-rc1 4.1-rc1.x
sixapart / movable_type 5.0-beta2 5.0-beta2.x
sixapart / movable_type 4.0-beta2 4.0-beta2.x
sixapart / movable_type 5.0-beta3 5.0-beta3.x