Vulnerabilities

CVE-2026-23704

by Fred · 04/02/2026

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator’s browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well.

More information : https://jvn.jp/en/jp/JVN45405689/

Similar

Tags: Cybersecurity Alert