Medium severity5.4NVD Advisory· Published Feb 19, 2025· Updated Apr 15, 2026
CVE-2025-24841
CVE-2025-24841
Description
Movable Type contains a stored cross-site scripting vulnerability in the HTML edit mode of MT Block Editor. It is exploitable when TinyMCE6 is used as a rich text editor and an arbitrary script may be executed on a logged-in user's web browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: < 8.4.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.