Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-080.php3 - Patch | |
References | () http://www.redhat.com/support/errata/RHSA-2001-072.html - | |
References | () http://www.redhat.com/support/errata/RHSA-2001-115.html - Patch | |
References | () http://www.securityfocus.com/bid/3425 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/7271 - |
Information
Published : 2001-10-10 04:00
Updated : 2024-11-20 23:37
NVD link : CVE-2001-1227
Mitre link : CVE-2001-1227
CVE.ORG link : CVE-2001-1227
JSON object : View
Products Affected
zope
- zope
CWE