Home
Description
Movable Type contains an issue with use of less trusted source. If exploited, tampered email to reset a password may be sent by a remote unauthenticated attacker.
PUBLISHED Reserved 2025-08-14 | Published 2025-08-20 | Updated 2025-08-20 | Assigner jpcert
MEDIUM: 5.3CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
MEDIUM: 6.9CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Problem types
Use of less trusted source
Product status
8.0.0 to 8.0.6
affected
8.4.0 to 8.4.2 (8 series)
affected
7 r.5508 and earlier (7 series)
affected
8.0.0 to 8.0.6
affected
8.4.0 to 8.4.2 (8 series)
affected
7 r.5508 and earlier (7 series)
affected
2.09 and earlier (2 series)
affected
1.66 and earlier (1 series)
affected
2.09 and earlier (2 series)
affected
1.66 and earlier (1 series)
affected
8.6.0 (8 series)
affected
7 r.5508 (7 series)
affected
2.09 (2 series)
affected
1.66 (1 series)
affected
References
movabletype.org/news/2025/08/mt-843-released.html
jvn.jp/en/jp/JVN76729865/
cve.org
(CVE-2025-53522)
nvd.nist.gov
(CVE-2025-53522)
Download JSON
