Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2001-10-10 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2001-1227
Mitre link : CVE-2001-1227
CVE.ORG link : CVE-2001-1227
JSON object : View
Products Affected
zope
- zope
CWE