CVE-2009-2481

CVE-2009-2481 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:N

mt-wizard.cgi in Six Apart Movable Type before 4.261, when global templates are not initialized, allows remote attackers to bypass access restrictions and (1) send e-mail to arbitrary addresses or (2) obtain sensitive information via unspecified vectors.

Learn more about our Web Application Penetration Testing UK.