oss-sec mailing list archives
CVE request: SQL injection in MovableType xml-rpc interface
From: John Lightsey <john () nixnuts net>
Date: Wed, 22 Jun 2016 10:09:55 -0500
Hi there, SixApart just released new versions of MovableType 6.2 and 6.1 to fix an SQL injection in the xml-rpc interface. The vulnerability also affects the older GPLv2 licensed MovableType 5.2.13. Could you please assign a CVE identifier for tracking this issue? https://movabletype.org/news/2016/06/movable_type_626_and_613_released.html
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- CVE request: SQL injection in MovableType xml-rpc interface John Lightsey (Jun 22)
- Re: CVE request: SQL injection in MovableType xml-rpc interface cve-assign (Jun 22)
- Re: CVE request: SQL injection in MovableType xml-rpc interface John Lightsey (Jun 22)
- Re: CVE request: SQL injection in MovableType xml-rpc interface cve-assign (Jun 22)