CVE-2012-0318

Multiple cross-site scripting (XSS) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to inject arbitrary web script or HTML via vectors involving templates, a different issue than CVE-2012-1262.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:movabletype:movable_type_open_source:5.051:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:*:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_open_source:4.33:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:movabletype:movable_type_enterprise:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.051:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:*:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_enterprise:4.2:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:movabletype:movable_type_advanced:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.051:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.0:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:*:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_advanced:4.2:beta:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:a:movabletype:movable_type_pro:5.05:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.34:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.33:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.23:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.2:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:*:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.06:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.051:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.36:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.35:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.11:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.2:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.1:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.32:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.261:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.04:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.1:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.0:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.3:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.03:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.031:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.25:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.01:beta:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.31:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.361:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.26:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.02:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:5.12:*:*:*:*:*:*:*
cpe:2.3:a:movabletype:movable_type_pro:4.0:beta:*:*:*:*:*:*

Information

Published : 2012-03-02 20:04

Updated : 2018-01-17 18:29


NVD link : CVE-2012-0318

Mitre link : CVE-2012-0318


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

movabletype

  • movable_type_enterprise
  • movable_type_pro
  • movable_type_advanced
  • movable_type_open_source