CNNVD-202508-2412 Information

CNNVD ID

CNNVD-202508-2412

Related CVE

CVE-2025-55706

• CNNVD Published: 2025-08-20

Description (Chinese)

Movable Type是Movable Type公司的一个内容管理系统。 Movable Type存在安全漏洞，该漏洞源于密码重置页面可能插入无效参数，导致重定向至任意URL。

Description (English)

Movable Type is a content management system for Movable Type. There is a security loophole in Movable Type, which results from the possible insertion of invalid parameters in the password reset page, leading to a redirection to any URL.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

Movable Type

Published

2025-08-20

Last Modified

2026-02-24

References

https://movabletype.org/news/2025/08/mt-843-released.html https://jvn.jp/en/jp/JVN76729865/ https://nvd.nist.gov/vuln/detail/CVE-2025-55706

Patch

https://www.movabletype.com/