Search Results (Refine Search)
- CPE Product Version: cpe:/a:sixapart:movable_type:3.2::open_source
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-0320 |
Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote attackers to take control of sessions via unspecified vectors related to the (1) commenting feature and (2) community script. Published: March 02, 2012; 11:04:57 PM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2012-0317 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allow remote attackers to hijack the authentication of arbitrary users for requests that modify data via the (1) commenting feature or (2) community script. Published: March 02, 2012; 11:04:57 PM -0500 |
V3.x:(not available) V2.0: 6.8 MEDIUM |