Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script.
Max CVSS
6.1
EPSS Score
0.19%
Published
2022-09-12
Updated
2022-09-15
1 vulnerabilities found