CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2012-2644

Cross-site scripting (XSS) vulnerability in the MT4i plugin 3.1 beta 4 and earlier for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-2642.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.9%

CVSS Severity

CVSS v2 Score 4.3

References

http://jvn.jp/en/jp/JVN79111101/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000069
http://www.hazama.nu/pukiwiki/index.php?MT4i%2F3.1
http://jvn.jp/en/jp/JVN79111101/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000069
http://www.hazama.nu/pukiwiki/index.php?MT4i%2F3.1

Products affected by CVE-2012-2644

Hazama » Mt4i » Version: Any

cpe:2.3:a:hazama:mt4i:*
Six Apart » Movable Type » Version: Any

cpe:2.3:a:six_apart:movable_type:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-2644

Products

Pricing

Contact Us