Cross-site scripting (XSS) vulnerability in Movable Type (MT) prior to 3.34 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
six apart ltd movable type |