Portcullis20051011.txt (3897 downloads)
© Tim Brown and Portcullis Computer Security Ltd
License: n/a
Advisory for Movable Type 3.16 and previous describing how badly chosen cookies, XSS, username enumeration, remote code execution and a potential phishing attack leave it vulnerable to compromise