Zope 2.7.0 to 2.7.8, 2.8.0 to 2.8.7, and 2.9.0 to 2.9.3 (Zope2) does not disable the "raw" command when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows local users to read arbitrary files.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2006-07-07 23:05
Updated : 2024-02-28 10:42
NVD link : CVE-2006-3458
Mitre link : CVE-2006-3458
CVE.ORG link : CVE-2006-3458
JSON object : View
Products Affected
zope
- zope
CWE