1 results (0.013 seconds)

CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0

Cross-site scripting (XSS) vulnerability in the MailForm plugin before 1.20 for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilida de ejecución de secuencias de comandos en sitios cruzados (XSS) en el complemento MailForm antes de v1.20 para Movable Type, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://jvn.jp/en/jp/JVN60887968/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000108.html http://www.h-fj.com/blog/archives/2007/01/23-111038.php https://exchange.xforce.ibmcloud.com/vulnerabilities/72344 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •