Published:2010/05/12 Last Updated:2010/05/12
Information from Six Apart KK
Vulnerability ID:JVN#92854093
Title:Movable Type vulnerable to cross-site scripting
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
Movable Type 5.02 was released by Six Apart today. It contains fixes for a number of issues including one security vulnerability. It is highly recommended that all users of Movable Type 5.x upgrade their installations, especially the ones with multiple users. Details about the issues that were fixed, and updated versions can be found in this page.
http://www.movabletype.com/blog/2010/05/movable-type-502.html