Security Advisory

CVE-2025-25054

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-02-19 05:52:09

Last updated 2025-02-19 14:53:01

Assigner jpcert

State PUBLISHED

Description

Movable Type contains a reflected cross-site scripting vulnerability in the user information edit page. When Multi-Factor authentication plugin is enabled and a user accesses a crafted page while logged in to the affected product, an arbitrary script may be executed on the web browser of the user.

← Browse all CVEs View on cve.org ↗