Published:2025/08/20  Last Updated:2025/08/20

JVN#76729865
Multiple vulnerabilities in Movable Type

Overview

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities.

Products Affected

Software Edition

  • Movable Type / Movable Type Advanced
    • 8.0.0 to 8.0.6, 8.4.0 to 8.4.2 (8 series)
    • 7 r.5508 and earlier (7 series)
  • Movable Type Premium / Movable Type Premium (Advanced Edition)
    • 2.09 and earlier (2 series)
    • 1.66 and earlier (1 series)
Cloud Edition
  • Movable Type
    • 8.6.0 (8 series)
    • 7 r.5508 (7 series)
  • Movable Type Premium
    • 2.09 (2 series)
    • 1.66 (1 series)

Description

Movable Type provided by Six Apart Ltd. contains multiple vulnerabilities listed below.

  • Use of less trusted source(CWE-348
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 6.9
    • CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Base Score 5.3
    • CVE-2025-53522
  • Open redirect(CWE-601
    • CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Base Score 5.1
    • CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N Base Score 4.3
    • CVE-2025-55706

Impact

  • Tampered email to reset a password may be sent by a remote unauthenticated attacker (CVE-2025-53522)
  • An invalid parameter may be inserted into the password reset page, which may lead to redirection to an arbitrary URL (CVE-2025-55706)

Solution

Update the Software
Apply the appropriate update according to the information provided by the developer.
The developer has released the following updates that contain fixes for these vulnerabilities.

  • Movable Type / Movable Type Advanced 8.7.0 (Only available in Cloud Edition)
  • Movable Type / Movable Type Advanced 8.0.7, 8.4.3 (Only available in Software Edition)
  • Movable Type / Movable Type Advanced 7 r.5509
  • Movable Type Premium / Movable Type Premium (Advanced Edition) 2.10
  • Movable Type Premium / Movable Type Premium (Advanced Edition) 1.67
For more information, refer to the information provided by the developer.

Vendor Status

Vendor Status Last Update Vendor Notes
Six Apart Ltd. Vulnerable 2025/08/20 Six Apart Ltd. website

References

JPCERT/CC Addendum

Vulnerability Analysis by JPCERT/CC

Credit

Six Apart Ltd. reported these vulnerabilities to JPCERT/CC to notify users of the solutions through JVN.
JPCERT/CC and Six Apart Ltd. coordinated under the Information Security Early Warning Partnership.

Other Information

JPCERT Alert
JPCERT Reports
CERT Advisory
CPNI Advisory
TRnotes
CVE CVE-2025-53522
CVE-2025-55706
JVN iPedia JVNDB-2025-000061