PBS hack: the HOWTO?

@LulzSec just posted what it claims were the methods used to hack PBS.org.

"PBS.org was not owned by SQL," they write, "PBS.org was owned via a 0day we discovered in mt4 aka MoveableType 4."

Kevin Mitnick, who knows a little about this stuff, responds: "Yeah, they claim it's a bug in mt4... but I doubt they would reveal the vector until much later."

I'd imagine this will become clear soon, after the holiday passes. Background on the incident in this BB post; the mess continued throughout the day today and appears to be ongoing at the time of this blog post.