View at Official ubuntu advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2008-4079 low priority: Ubuntu including 1 source packages (movabletype-opensource), 8 status rows across 8 suites (dapper, feisty, gutsy, hardy, intrepid, jaunty, karmic, upstream): DNE 4, not-affected 2, ignored 1, released 1.
Cross-site scripting (XSS) vulnerability in Movable Type (MT) 4.x through 4.20, and 3.36 and earlier; Movable Type Enterprise 4.x through 4.20, and 1.54 and earlier; and Movable Type Community Solution allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.