Candidate: CVE-2009-2492
PublicDate: 2009-07-17 16:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2492
 http://www.movabletype.org/documentation/appendices/release-notes/426.html
Description:
 Cross-site scripting (XSS) vulnerability in mt-wizard.cgi in Six Apart
 Movable Type before 4.261 allows remote attackers to inject arbitrary web
 script or HTML via unspecified vectors, a different vulnerability than
 CVE-2009-2480.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_movabletype-opensource:
upstream_movabletype-opensource: released (4.261)
dapper_movabletype-opensource: DNE
hardy_movabletype-opensource: DNE
intrepid_movabletype-opensource: needs-triage (reached end-of-life)
jaunty_movabletype-opensource: ignored (reached end-of-life)
karmic_movabletype-opensource: ignored (reached end-of-life)
lucid_movabletype-opensource: not-affected (4.2.6.1-1)
maverick_movabletype-opensource: not-affected (4.2.6.1-1)
natty_movabletype-opensource: not-affected (4.2.6.1-1)
devel_movabletype-opensource: not-affected (4.2.6.1-1)