Movable Type mt-comments.cgi Arbitrary External Site Redirection
Remote / Network Access
Loss of Integrity
Movable Type contains a flaw that may allow a malicious user to redirect users to an external URL. The issue is triggered when a user adds comments in the "mt-comments.cgi" script. It is possible that the flaw may allow a user to be tricked into visiting a malicious website resulting in a loss of integrity.
Upgrade to version 3.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.