CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2492

Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart Movable Type before 4.261 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-2480.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 57.0%

CVSS Severity

CVSS v2 Score 2.6

References

Products affected by CVE-2009-2492

Six Apart » Movable Type » Version: Any

cpe:2.3:a:six_apart:movable_type:*
Six Apart » Movable Type » Version: 1.54

cpe:2.3:a:six_apart:movable_type:1.54
Six Apart » Movable Type » Version: 2.6

cpe:2.3:a:six_apart:movable_type:2.6
Six Apart » Movable Type » Version: 2.63

cpe:2.3:a:six_apart:movable_type:2.63
Six Apart » Movable Type » Version: 3.16

cpe:2.3:a:six_apart:movable_type:3.16
Six Apart » Movable Type » Version: 3.17

cpe:2.3:a:six_apart:movable_type:3.17
Six Apart » Movable Type » Version: 3.3

cpe:2.3:a:six_apart:movable_type:3.3
Six Apart » Movable Type » Version: 3.32

cpe:2.3:a:six_apart:movable_type:3.32
Six Apart » Movable Type » Version: 3.33

cpe:2.3:a:six_apart:movable_type:3.33
Six Apart » Movable Type » Version: 3.36

cpe:2.3:a:six_apart:movable_type:3.36
Six Apart » Movable Type » Version: 4

cpe:2.3:a:six_apart:movable_type:4
Six Apart » Movable Type » Version: 4.20

cpe:2.3:a:six_apart:movable_type:4.20
Six Apart Ltd » Movable Type » Version: Any

cpe:2.3:a:six_apart_ltd:movable_type:*
Six Apart Ltd » Movable Type » Version: 3.33

cpe:2.3:a:six_apart_ltd:movable_type:3.33
Sixapart » Movable Type » Version: 1.00

cpe:2.3:a:sixapart:movable_type:1.00
Sixapart » Movable Type » Version: 1.1

cpe:2.3:a:sixapart:movable_type:1.1
Sixapart » Movable Type » Version: 1.2

cpe:2.3:a:sixapart:movable_type:1.2
Sixapart » Movable Type » Version: 1.3

cpe:2.3:a:sixapart:movable_type:1.3
Sixapart » Movable Type » Version: 1.31

cpe:2.3:a:sixapart:movable_type:1.31
Sixapart » Movable Type » Version: 1.4

cpe:2.3:a:sixapart:movable_type:1.4
Sixapart » Movable Type » Version: 1.5

cpe:2.3:a:sixapart:movable_type:1.5
Sixapart » Movable Type » Version: 3.01d

cpe:2.3:a:sixapart:movable_type:3.01d
Sixapart » Movable Type » Version: 3.0d

cpe:2.3:a:sixapart:movable_type:3.0d
Sixapart » Movable Type » Version: 3.1

cpe:2.3:a:sixapart:movable_type:3.1
Sixapart » Movable Type » Version: 3.11

cpe:2.3:a:sixapart:movable_type:3.11
Sixapart » Movable Type » Version: 3.12

cpe:2.3:a:sixapart:movable_type:3.12
Sixapart » Movable Type » Version: 3.14

cpe:2.3:a:sixapart:movable_type:3.14
Sixapart » Movable Type » Version: 3.15

cpe:2.3:a:sixapart:movable_type:3.15
Sixapart » Movable Type » Version: 3.16

cpe:2.3:a:sixapart:movable_type:3.16
Sixapart » Movable Type » Version: 3.17

cpe:2.3:a:sixapart:movable_type:3.17
Sixapart » Movable Type » Version: 3.2

cpe:2.3:a:sixapart:movable_type:3.2
Sixapart » Movable Type » Version: 3.3

cpe:2.3:a:sixapart:movable_type:3.3
Sixapart » Movable Type » Version: 3.32

cpe:2.3:a:sixapart:movable_type:3.32
Sixapart » Movable Type » Version: 3.33

cpe:2.3:a:sixapart:movable_type:3.33
Sixapart » Movable Type » Version: 3.34

cpe:2.3:a:sixapart:movable_type:3.34
Sixapart » Movable Type » Version: 3.35

cpe:2.3:a:sixapart:movable_type:3.35
Sixapart » Movable Type » Version: 4.0

cpe:2.3:a:sixapart:movable_type:4.0
Sixapart » Movable Type » Version: 4.01

cpe:2.3:a:sixapart:movable_type:4.01
Sixapart » Movable Type » Version: 4.1

cpe:2.3:a:sixapart:movable_type:4.1
Sixapart » Movable Type » Version: 4.12

cpe:2.3:a:sixapart:movable_type:4.12
Sixapart » Movable Type » Version: 4.2

cpe:2.3:a:sixapart:movable_type:4.2
Sixapart » Movable Type » Version: 4.21

cpe:2.3:a:sixapart:movable_type:4.21
Sixapart » Movable Type » Version: 4.23

cpe:2.3:a:sixapart:movable_type:4.23

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-2492

Products

Pricing

Contact Us