Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier Cross-Site Request Forgery (CSRF) Vulnerability

Summary

Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier suffers from cross-site request forgery (CSRF) vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://movabletype.org/news/2020/05/mt-730-660-6312-released.html


Details

Cross-site request forgery (CSRF) vulnerability in Movable Type series allows remote attackers to hijack the authentication of administrators via unspecified vectors.

 

Vulnerable Systems:

Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier 

Movable Type Advanced 7 r.4606 (7.2.1) and earlier

Movable Type for AWS 7 r.4606 (7.2.1) and earlier

Movable Type 6.5.3 and earlier

Movable Type Advanced 6.5.3 and earlier 

Movable Type 6.3.11 and earlier 

Movable Type Advanced 6.3.11 and earlier 

Movable Type Premium 1.29 and earlier

Movable Type Premium Advanced 1.29 and earlier

 

CVE Information:

CVE-2020-5576

 

Disclosure Timeline:
Published Date:5/13/2020

Categories: News