Movable Type Premium (Software Edition)

If a malformed data is input to the affected product, a CSV file downloaded from the affected product may contain such malformed data. When a victim user download and open such a CSV file, the embedded code may be executed in the user's environment. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.

Published: 2026-02-04T07:04:04.422Z
Updated: 2026-02-04T15:55:26.690Z

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.

Published: 2026-02-04T07:03:37.889Z
Updated: 2026-02-04T16:07:28.812Z

Movable Type contains a stored cross-site scripting vulnerability in Export Sites. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user's web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.

Published: 2026-02-04T07:03:01.475Z
Updated: 2026-02-04T16:08:00.768Z

Movable Type contains a stored cross-site scripting vulnerability in Edit Comment. If crafted input is stored by an attacker, arbitrary script may be executed on a logged-in user's web browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.

Published: 2026-02-04T07:02:50.465Z
Updated: 2026-02-04T16:08:26.340Z

Movable Type contains a stored cross-site scripting vulnerability in Edit CategorySet of ContentType page. If crafted input is stored by an attacker with "ContentType Management" privilege, an arbitrary script may be executed on the web browser of the user who accesses Edit CategorySet of ContentType page.

Published: 2025-10-23T04:10:41.403Z
Updated: 2025-10-23T15:13:25.011Z

URL redirection to untrusted site ('Open Redirect') issue exists in Movable Type. If this vulnerability is exploited, an invalid parameter may be inserted into the password reset page, which may lead to redirection to an arbitrary URL.

Published: 2025-08-20T04:23:01.512Z
Updated: 2025-08-20T15:57:41.631Z

Movable Type contains a stored cross-site scripting vulnerability in Edit ContentData page. If crafted input is stored by an attacker with "ContentType Management" privilege, an arbitrary script may be executed on the web browser of the user who accesses Edit ContentData page.

Published: 2025-10-23T04:10:30.545Z
Updated: 2025-10-23T15:18:25.113Z

Movable Type contains an issue with use of less trusted source. If exploited, tampered email to reset a password may be sent by a remote unauthenticated attacker.

Published: 2025-08-20T04:22:51.144Z
Updated: 2025-08-20T16:00:35.915Z