VYPR
Medium severity6.1NVD Advisory· Published Sep 12, 2022· Updated Jun 17, 2026

CVE-2022-38972

CVE-2022-38972

Description

Cross-site scripting vulnerability in Movable Type plugin A-Form versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series) allows a remote unauthenticated attacker to inject an arbitrary script.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: <4.1.1 (for MT7), <3.9.1 (for MT6)
  • Range: versions prior to 4.1.1 (for Movable Type 7 Series) and versions prior to 3.9.1 (for Movable Type 6 Series)

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.