• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Movable Type 'publish post' Security Bypass Vulnerability

Movable Type is prone to a security-bypass vulnerability because it fails to adequately validate user permissions.

An attacker can exploit this issue to bypass restrictions that are intended to prevent users with limited permissions from publishing documents.

Versions prior to Movable Type 4.23 are vulnerable.