Input validation error in Movable Type - CVE-2011-5085
Published: April 2, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU44164
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2011-5085
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Six Apart Ltd
Affected software:
Movable Type
Movable Type
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors.
How to mitigate CVE-2011-5085
Install update from vendor's website.