Approved changes feed: RSS · Atom

cpe:2.3:a:movabletype:movable_type:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorMovabletype (a77b6415-3371-58da-be0e-a35cdecaf67b)
ProductMovable Type (f6c5f3b0-c72a-517e-b647-285af6719110)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/movabletype/movabletype purl2cpe 2026-06-01 10:15:42.209474

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2021-20665 vulnerable 2026-06-08 05:29:10.073799 Details available
Cross-site scripting vulnerability in in Add asset screen of Contents field of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
Published: 2021-03-05T09:20:21.000Z
Updated: 2024-08-03T17:45:45.209Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20664 vulnerable 2026-06-08 05:29:10.073426 Details available
Cross-site scripting vulnerability in in Asset registration screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
Published: 2021-03-05T09:20:20.000Z
Updated: 2024-08-03T17:45:45.233Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2021-20663 vulnerable 2026-06-08 05:29:10.070840 Details available
Cross-site scripting vulnerability in in Role authority setting screen of Movable Type 7 r.4705 and earlier (Movable Type 7 Series), Movable Type Advanced 7 r.4705 and earlier (Movable Type Advanced 7 Series), Movable Type 6.7.5 and earlier (Movable Type 6.7 Series), Movable Type Premium 1.39 and earlier, and Movable Type Premium Advanced 1.39 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
Published: 2021-03-05T09:20:20.000Z
Updated: 2024-08-03T17:45:45.341Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.