Known Vulnerabilities for Movable Type by Sixapart
Listed below are 10 of the newest known vulnerabilities associated with "Movable Type" by "Sixapart".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33088 json | Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arb... | Not Provided | 2026-04-08 | 2026-04-08 |
| CVE-2026-25776 json | Movable Type provided by Six Apart Ltd. contains a code injection vulnerability which may allow an attacker to execute arbitr... | Not Provided | 2026-04-08 | 2026-04-08 |
| CVE-2023-45746 json | Cross-site scripting vulnerability in Movable Type series allows a remote authenticated attacker to inject an arbitrary scrip... | 5.4 - MEDIUM | 2023-10-30 | 2023-11-08 |
| CVE-2022-45122 json | Cross-site scripting vulnerability in Movable Type Movable Type 7 r.5301 and earlier (Movable Type 7 Series), Movable Type Ad... | 6.1 - MEDIUM | 2022-12-07 | 2022-12-12 |
| CVE-2022-45113 json | Improper validation of syntactic correctness of input vulnerability exist in Movable Type series. Having a user to access a s... | 6.5 - MEDIUM | 2022-12-07 | 2022-12-12 |
| CVE-2022-43660 json | Improper neutralization of Server-Side Includes (SSW) within a web page in Movable Type series allows a remote authenticated ... | 7.2 - HIGH | 2022-12-07 | 2022-12-12 |
| CVE-2022-38078 json | Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability. Sending a specially crafted me... | 9.8 - CRITICAL | 2022-08-24 | 2023-08-08 |
| CVE-2021-20837 json | Movable Type 7 r.5002 and earlier (Movable Type 7 Series), Movable Type 6.8.2 and earlier (Movable Type 6 Series), Movable Ty... | 9.8 - CRITICAL | 2021-10-26 | 2021-11-28 |
| CVE-2021-20815 json | Cross-site scripting vulnerability in Edit Boilerplate screen of Movable Type (Movable Type 7 r.4903 and earlier (Movable Typ... | 6.1 - MEDIUM | 2021-08-26 | 2021-09-01 |
| CVE-2021-20814 json | Cross-site scripting vulnerability in Setting screen of ContentType Information Widget Plugin of Movable Type (Movable Type 7... | 6.1 - MEDIUM | 2021-08-26 | 2021-09-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sixapart | Movable Type | 7.2.1 | |||
| Application | Sixapart | Movable Type | 7.2.1 | |||
| Application | Sixapart | Movable Type | 7.2.1 | |||
| Application | Sixapart | Movable Type | 7.2.0 | |||
| Application | Sixapart | Movable Type | 7.2.0 | |||
| Application | Sixapart | Movable Type | 7.2.0 | |||
| Application | Sixapart | Movable Type | 7.2.0 | |||
| Application | Sixapart | Movable Type | 7.1.4 | |||
| Application | Sixapart | Movable Type | 7.1.4 | |||
| Application | Sixapart | Movable Type | 7.1.4 | |||
| Application | Sixapart | Movable Type | 7.1.4 | |||
| Application | Sixapart | Movable Type | 7.1.4 | |||
| Application | Sixapart | Movable Type | 7.1.4 | |||
| Application | Sixapart | Movable Type | 7.1.3 | |||
| Application | Sixapart | Movable Type | 7.1.2 | |||
| Application | Sixapart | Movable Type | 7.1.2 | |||
| Application | Sixapart | Movable Type | 7.1.2 | |||
| Application | Sixapart | Movable Type | 7.1.2 | |||
| Application | Sixapart | Movable Type | 7.1.2 | |||
| Application | Sixapart | Movable Type | 7.1.1 |