{“lastseen”:””,”description”:”Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arbitrary SQL statement.”,”published”:”2026-04-08T08:51:45.916Z”,”modified”:”2026-04-08T13:31:08.213Z”,”type”:”cve”,”title”:”CVE-2026-33088″,”source”:”jpcert”,”references”:”https:\/\/movabletype.org\/news\/2026\/04\/mt-907-released.html\\nhttps:\/\/www.sixapart.jp\/movabletype\/news\/2026\/04\/08-1100.html\\nhttps:\/\/jvn.jp\/en\/jp\/JVN66473735\/”,”id”:”CVE-2026-33088″,”bulletinFamily”:””,”cwe”:[“CWE-89″],”cvelist”:null,”sourceData”:”Six Apart Ltd. Movable Type 9.1.0 and earlier\\nSix Apart Ltd. Movable Type 9.0.6 and earlier\\nSix Apart Ltd. Movable Type 8.8.2 and earlier\\nSix Apart Ltd. Movable Type 8.0.9 and earlier\\nSix Apart Ltd. Movable Type Advanced 9.1.0 and earlier\\nSix Apart Ltd. Movable Type Advanced 9.0.6 and earlier\\nSix Apart Ltd. Movable Type Advanced 8.8.2 and earlier\\nSix Apart Ltd. Movable Type Advanced 8.0.9 and earlier\\nSix Apart Ltd. Movable Type Premium 9.1.0 and earlier\\nSix Apart Ltd. Movable Type Premium 9.0.6 and earlier\\nSix Apart Ltd. Movable Type Premium Advanced Edition 9.1.0 and earlier\\nSix Apart Ltd. Movable Type Premium Advanced Edition 9.0.6 and earlier\\nSix Apart Ltd. Movable Type Premium 2.14 and earlier\\nSix Apart Ltd. Movable Type Premium Advanced Edition 2.14 and earlier\\nSix Apart Ltd. Movable Type Premium (MT8-based) 2.14 and earlier\\nSix Apart Ltd. Movable Type 5.1 to 5.18\\nSix Apart Ltd. Movable Type 5.2\\nSix Apart Ltd. Movable Type 5.2.1 to 5.2.13\\nSix Apart Ltd. Movable Type 6.0\\nSix Apart Ltd. Movable Type 6.0.1 to 6.8.8\\nSix Apart Ltd. Movable Type 7 r.4207 to r.5510\\nSix Apart Ltd. Movable Type 8.4.0 to 8.4.4\\nSix Apart Ltd. Movable Type 1.0 to 1.68″,”sourceHref”:””,”cvss”:{“score”:7.3,”severity”:”HIGH”,”vector”:”CVSS:3.0\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L”,”version”:”3.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Movable Type”,”version”:”9.1.0 and earlier”,”vendor”:”Six Apart Ltd.”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Movable Type provided by Six Apart Ltd. contains an SQL Injection vulnerability which may allow an attacker to execute an arbitrary SQL statement.”,”published”:”2026-04-08T08:51:45.916Z”,”modified”:”2026-04-08T13:31:08.213Z”,”type”:”cve”,”title”:”CVE-2026-33088″,”source”:”jpcert”,”references”:”https:\/\/movabletype.org\/news\/2026\/04\/mt-907-released.html\\nhttps:\/\/www.sixapart.jp\/movabletype\/news\/2026\/04\/08-1100.html\\nhttps:\/\/jvn.jp\/en\/jp\/JVN66473735\/”,”id”:”CVE-2026-33088″,”bulletinFamily”:””,”cwe”:[“CWE-89″],”cvelist”:null,”sourceData”:”Six Apart Ltd….<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,47,12,15,13,7,11,5],"class_list":["post-43065","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-73","tag-exploit","tag-high","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n