CVE-2008-4634
Published Oct 21, 2008
Last updated 7 years ago
Overview
- Description
- Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the administrative page, a different vulnerability than CVE-2008-4079.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D62FC8B9-3B6A-46C6-94CD-E35941BB64C4"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4:unknown:community_solution:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3376A0EE-CED7-495C-932D-239000C8E5A9"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4:unknown:enterprise:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00239DBB-03C7-4E5C-860E-D0437702748B"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4:unknown:open_source:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FB619291-69AA-4F90-8A3F-B9814906E890"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C55BC3C3-83AB-452C-AC2D-A53B3E0C3473"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:unknown:community_solution:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F39B76A-C894-4CAD-8B0D-7B6B8F969D7B"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:unknown:enterprise:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0B1D9C09-2BA0-484A-A0C3-6683B773F247"
},
{
"criteria": "cpe:2.3:a:six_apart:movable_type:4.20:unknown:open_source:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCDC2602-7A4F-460A-B440-A0B6AC96C8C6"
}
],
"operator": "OR"
}
]
}
]