Browse all 35 CVE security advisories affecting Six Apart Ltd.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Six Apart Ltd. is best known for developing Movable Type, a widely adopted content management system and blogging platform that enabled users to publish and manage web content. Historically, the software’s codebase has exhibited several critical security flaws, resulting in thirty-five recorded Common Vulnerabilities and Exposures. These defects predominantly involve remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls within the application’s architecture. While no single catastrophic data breach has defined the company’s public security history, the accumulation of these CVEs highlights systemic weaknesses in its development lifecycle. The persistent presence of these vulnerabilities suggests that legacy code maintenance and rigorous security auditing were not consistently prioritized, leaving deployed instances exposed to exploitation by attackers seeking to compromise server integrity or steal user data through standard web attack vectors.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-38078 | Movable Type 代码注入漏洞 — Movable Type XMLRPC API | 9.8 | - | 2022-08-24 |
This page lists every published CVE security advisory associated with Six Apart Ltd.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.