Auto-merge PR#3209

2025-06-19 17:32:41 +00:00 · 2020-02-06 04:30:21 -05:00 · 2020-02-06 04:30:21 -05:00 · 3cf123375f
commit 3cf123375f
parent d43e65b623 9e75515506
1 changed files with 51 additions and 7 deletions
--- a/2020/5xxx/CVE-2020-5528.json
+++ b/2020/5xxx/CVE-2020-5528.json
@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
    "data_version": "4.0",
-    "CVE_data_meta": {
-        "ID": "CVE-2020-5528",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://movabletype.org/news/2020/02/movable_type_r4605_v720_v653_and_v6311_released.html"
+            },
+            {
+                "url": "http://jvn.jp/en/jp/JVN94435544/index.html"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4603 and earlier (Movable Type 7), Movable Type 6.5.2 and earlier (Movable Type 6.5), Movable Type Advanced 7 r.4603 and earlier (Movable Type Advanced 7), Movable Type Advanced 6.5.2 and earlier (Movable Type Advanced 6.5), Movable Type Premium 1.26 and earlier (Movable Type Premium), and Movable Type Premium Advanced 1.26 and earlier (Movable Type Premium Advanced)) allows remote attackers to inject arbitrary web script or HTML in the block editor and the rich text editor via a specially crafted URL."
+            }
+        ]
+    },
+    "data_type": "CVE",
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "Movable Type 7 r.4603 and earlier (Movable Type 7), Movable Type 6.5.2 and earlier (Movable Type 6.5), Movable Type Advanced 7 r.4603 and earlier (Movable Type Advanced 7), Movable Type Advanced 6.5.2 and earlier (Movable Type Advanced 6.5), Movable Type Premium 1.26 and earlier (Movable Type Premium), and Movable Type Premium Advanced 1.26 and earlier (Movable Type Premium Advanced)"
+                                        }
+                                    ]
+                                },
+                                "product_name": "Movable Type series"
+                            }
+                        ]
+                    },
+                    "vendor_name": "Six Apart Ltd"
+                }
+            ]
+        }
+    },
+    "CVE_data_meta": {
+        "ID": "CVE-2020-5528",
+        "ASSIGNER": "vultures@jpcert.or.jp"
+    },
+    "data_format": "MITRE",
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Cross-site scripting"
+                    }
+                ]
            }
        ]
    }