Show plain JSON{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-11-15T00:00:00", "descriptions": [{"lang": "en", "value": "Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "shortName": "debian"}, "references": [{"name": "1029588", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1029588"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://movabletype.org/news/2013/11/movable_type_601_529_and_5161_released_to_close_security_vul.html"}, {"name": "56405", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56405"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734304"}, {"name": "56295", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/56295"}, {"name": "DSA-2841", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2841"}, {"name": "movabletype-richtexteditor-xss(90095)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90095"}, {"name": "[oss-security] 20140106 CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2014/q1/24"}, {"name": "[oss-security] 20140107 Re: CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2014/q1/36"}, {"name": "64657", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/64657"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@debian.org", "ID": "CVE-2014-0977", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cross-site scripting (XSS) vulnerability in the Rich Text Editor in Movable Type 5.0x, 5.1x before 5.161, 5.2.x before 5.2.9, and 6.0.x before 6.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1029588", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1029588"}, {"name": "http://movabletype.org/news/2013/11/movable_type_601_529_and_5161_released_to_close_security_vul.html", "refsource": "CONFIRM", "url": "http://movabletype.org/news/2013/11/movable_type_601_529_and_5161_released_to_close_security_vul.html"}, {"name": "56405", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56405"}, {"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734304", "refsource": "CONFIRM", "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734304"}, {"name": "56295", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/56295"}, {"name": "DSA-2841", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2841"}, {"name": "movabletype-richtexteditor-xss(90095)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90095"}, {"name": "[oss-security] 20140106 CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q1/24"}, {"name": "[oss-security] 20140107 Re: CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q1/36"}, {"name": "64657", "refsource": "BID", "url": "http://www.securityfocus.com/bid/64657"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T09:34:40.415Z"}, "title": "CVE Program Container", "references": [{"name": "1029588", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1029588"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://movabletype.org/news/2013/11/movable_type_601_529_and_5161_released_to_close_security_vul.html"}, {"name": "56405", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56405"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734304"}, {"name": "56295", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/56295"}, {"name": "DSA-2841", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2841"}, {"name": "movabletype-richtexteditor-xss(90095)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90095"}, {"name": "[oss-security] 20140106 CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2014/q1/24"}, {"name": "[oss-security] 20140107 Re: CVE Request: cross-site scripting vulnerabilities in movable type 6.0.1, 5.2.9, and 5.161", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2014/q1/36"}, {"name": "64657", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/64657"}]}]}, "cveMetadata": {"assignerOrgId": "79363d38-fa19-49d1-9214-5f28da3f3ac5", "assignerShortName": "debian", "cveId": "CVE-2014-0977", "datePublished": "2014-01-10T17:00:00", "dateReserved": "2014-01-07T00:00:00", "dateUpdated": "2024-08-06T09:34:40.415Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}