This page lists publicly disclosed CVE vulnerabilities affecting ark-web a-form_pc (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2011-4274 | Cross-site scripting (XSS) vulnerability in the A-Form PC and PC/Mobile before 3.1 plug-ins for Movable Type allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2011-2676. | [email protected] | 4.3 | 0.25% | 2011-11-03 | 2026-04-29 |
| CVE-2011-2676 | The A-Form and A-Form bamboo before 1.3.6 and 2.x before 2.0.3, and A-Form PC and PC/Mobile before 3.1, plug-ins for Movable Type do not require administrative authentication, which allows remote authenticated users to modify data via unspecified vectors. | [email protected] | 5.5 | 0.52% | 2011-11-03 | 2026-04-29 |