CVE-2026-21393 | Six Apart Movable Type 8.4 Edit Comment cross site scripting

Inserito da Angelo Barbosa | Feb 4, 2026 | CVE

A vulnerability was found in Six Apart Movable Type, Movable Type Advanced and Movable Type Premium 8.4. It has been classified as problematic. The affected element is an unknown function of the component Edit Comment Handler. This manipulation causes cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is handled as CVE-2026-21393. The attack can be initiated remotely. There is not any exploit available.

CVE-2026-21393 | Six Apart Movable Type 8.4 Edit Comment cross site scripting

Post correlati

CVE-2024-5833 | Google Chrome prior 126.0.6478.54 V8 type confusion (ID 342602)

CVE-2025-13893 | Lesson Plan Book Plugin up to 1.3 on WordPress $_SERVER[‘PHP_SELF’] cross site scripting

CVE-2024-28989 | SolarWinds Web Help Desk up to 12.8.4 hard-coded key

CVE-2025-58781 | Wireless Tsukamoto WTW-EAGLE App up to 4.4.0 on iOS/Android certificate validation