CVE Vulnerabilities

CVE-2008-5846

Published: Jan 05, 2009 | Modified: Aug 08, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4 MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
RedHat/V2
RedHat/V3
Ubuntu

Six Apart Movable Type (MT) before 4.23 allows remote authenticated users with create permission for posts to bypass intended access restrictions and publish posts via a system-wide entry listing screen.

Affected Software

Name Vendor Start Version End Version
Movable_type Sixapart 3.0d 3.0d
Movable_type Sixapart 3.1 3.1
Movable_type Sixapart 3.01d 3.01d
Movable_type Sixapart 3.2 3.2
Movable_type Sixapart 3.3 3.3
Movable_type Sixapart 3.11 3.11
Movable_type Sixapart 3.12 3.12
Movable_type Sixapart 3.14 3.14
Movable_type Sixapart 3.15 3.15
Movable_type Sixapart 3.16 3.16
Movable_type Sixapart 3.17 3.17
Movable_type Sixapart 3.32 3.32
Movable_type Sixapart 3.33 3.33
Movable_type Sixapart 3.34 3.34
Movable_type Sixapart 3.35 3.35
Movable_type Sixapart 4.2 4.2
Movable_type Sixapart * 4.21
Movabletype-opensource Ubuntu intrepid *
Movabletype-opensource Ubuntu upstream *

References