#VU44164 Input validation error in Movable Type - CVE-2011-5085
Published: April 2, 2012 / Updated: August 11, 2020
Vulnerability identifier: #VU44164
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2011-5085
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Movable Type
Movable Type
Software vendor:
Six Apart Ltd
Six Apart Ltd
Description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
Unspecified vulnerability in Movable Type 4.x before 4.36 and 5.x before 5.05 allows remote attackers to read or modify data via unknown vectors.
Remediation
Install update from vendor's website.