Key Information

Vulnerability Overview

Vulnerability ID: JVN#45405689
Affected products: Movable Type Software Edition and Cloud Edition, provided by Six Apart Ltd.
Publication date: 2026/02/04
Last updated: 2026/02/04

Affected product versions:
- Movable Type Software Edition:
  - Movable Type / Movable Type Advanced
    - 9.0.4 to 9.0.5 (9.0 series)
    - 8.8.0 to 8.8.1 (8.8 series)
    - 8.0.2 to 8.0.8 (8.0 series)
  - Movable Type Premium (Advanced Edition)
    - 9.0.4 (9.0 series)
    - 2.13 and earlier (2.0 series)
  - End-of-Life (EOL) versions affected: 7 series and 8.2 series
- Movable Type Cloud Edition:
  - Movable Type
    - 9.0.5 (9.0 series)
    - 8.8.1 (8.8 series)
  - Movable Type Premium
    - 9.0.5 (9.0 series)
    - 2.12 (2 series)

Vulnerability Description

The following vulnerabilities are listed in Movable Type:

Stored cross-site scripting vulnerabilities:
- In comment editing (CWE-79)
  - CVSS 4.0 Base Score: 4.8
  - CVSS 3.0 Base Score: 5.4
  - CVE: CVE-2026-21393
- In site export (CWE-79)
  - CVSS 4.0 Base Score: 4.8
  - CVSS 3.0 Base Score: 5.4
  - CVE: CVE-2026-22875

Upload of dangerous file types:
- Unrestricted file upload (CWE-434)
  - CVSS 4.0 Base Score: 5.1
  - CVSS 3.0 Base Score: 6.5
  - CVE: CVE-2026-23704

Improper neutralization of formula elements in a CSV file:
- Improper neutralization of formula elements (CWE-1236)
  - CVSS 4.0 Base Score: 4.8
  - CVSS 3.0 Base Score: 6.5
  - CVE: CVE-2026-24447

Impact

- An arbitrary script may be executed in the browser of a logged-in user (CVE-2026-21393, CVE-2026-22875).
- If a product administrator accesses a malicious file, an arbitrary script may be executed in the administrator's browser (CVE-2026-23704).
- If a user enters malformed data, a victim user may download a CSV file containing that malformed data; when the CSV file is opened in the user's environment, the embedded code may be executed (CVE-2026-24447).

Solution

Update the affected products to the fixed versions below:

Movable Type Software Edition:
- Movable Type / Movable Type Advanced
  - 9.0.6 (9.0 series)
  - 8.8.2 (8.8 series)
  - 8.0.9 (8.0 series)
- Movable Type Premium (Advanced Edition)
  - 9.1.0 (9.0 series)
  - 2.14 (2.0 series)

Movable Type Cloud Edition:
- Movable Type
  - 9.1.0 (9.0 series)
  - 8.8.2 (8.8 series)
- Movable Type Premium
  - 9.1.0 (9.0 series)
  - 2.14 (2.0 series)

Vendor Status

Vendor: Six Apart Ltd.
Status: Affected
Last updated: 2026/02/04

Credits

Reporter: Kento Ishii (GMO Cybersecurity by Ierae).
Reported to JPCERT/CC by: Six Apart Ltd.
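The CSV issue (CWE-1236, CVE-2026-24447) is the one class above whose mitigation is the same in any application that exports user-supplied text: a cell whose first non-blank character is one of `=`, `+`, `-`, `@`, tab or carriage return is interpreted as a formula by common spreadsheet software, so the exporter must neutralize it before writing. The following is an added example of that neutralization, written here for illustration; it is not Movable Type's code and the function names, the rule set and the sample rows are all constructed for this example.

```python
import csv
import io

# Leading characters that make a spreadsheet application treat a cell as a
# formula rather than text (CWE-1236). Tab and carriage return are included
# because some importers strip them and then interpret what follows.
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")


def is_formula_like(text):
    """True if a spreadsheet would evaluate this cell instead of displaying it."""
    if not text:
        return False
    if text[0] in FORMULA_TRIGGERS:
        return True
    # Many importers trim leading whitespace before deciding what a cell is,
    # so "  =SUM(1,2)" must be treated the same as "=SUM(1,2)".
    stripped = text.lstrip(" \t\r\n")
    return bool(stripped) and stripped[0] in FORMULA_TRIGGERS


def neutralize_cell(value):
    """Return a cell value that renders as literal text in a spreadsheet.

    Genuine numbers produced by the application (int/float) pass through
    unchanged so numeric columns stay numeric; only text is neutralized, by
    prefixing a single quote, which spreadsheets read as "this is a string".
    """
    if value is None:
        return ""
    if isinstance(value, (int, float)) and not isinstance(value, bool):
        return str(value)
    text = str(value)
    if is_formula_like(text):
        return "'" + text
    return text


def write_safe_csv(rows):
    """Serialize rows of cells to CSV text with every cell neutralized and quoted.

    QUOTE_ALL wraps each field in double quotes and escapes embedded quotes,
    so a cell containing a comma or newline cannot break out of its column.
    """
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        writer.writerow([neutralize_cell(cell) for cell in row])
    return buf.getvalue()


# Constructed sample data standing in for an export of user-submitted comments:
# the header row, one harmless comment, and one whose text starts with a
# formula trigger.
SAMPLE_ROWS = [
    ["author", "score", "comment"],
    ["alice", 5, "Nice post, thanks."],
    ["bob", -1, "=SUM(1,2) is not a comment"],
    ["carol", 3, "  +1 from me"],
]

if __name__ == "__main__":
    print(write_safe_csv(SAMPLE_ROWS), end="")
```

The single-quote prefix is visible in some spreadsheet applications, so a real exporter should document it, and it should only be applied to free-text columns; numeric columns are better validated as numbers at input time, which is why `neutralize_cell` passes `int` and `float` values through untouched.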