CVE-2008-4634

Cross-site scripting (XSS) vulnerability in Movable Type 4 through 4.21 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the administrative page, a different vulnerability than CVE-2008-4079.

Date published : 2008-10-20

http://www.securityfocus.com/bid/31826

http://www.sixapart.jp/movabletype/news/2008/10/15-1400.html