Security Advisory

CVE-2022-38972

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-12 01:50:14

Last updated 2024-08-03 11:10:31

Assigner jpcert

State PUBLISHED

Description

Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script.

← Browse all CVEs View on cve.org ↗