Published: 2018/08/30  Last Updated: 2018/08/30

Information from Six Apart, Ltd.

Vulnerability ID:JVN#89550319
Title:Movable Type vulnerable to cross-site scripting

This is a statement from the vendor itself with no modification by JPCERT/CC.

This case is same as JVN#48237713. We have been already solved this issue in version 6.3.1.

However, unfortunately, if you using old version of Movable Type, please remove following directory.

* <MT_HOME>/php/extlib/adodb5/tests