Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2003-04-02T05:00:00
Updated: 2003-03-18T00:00:00
Reserved: 2002-08-16T00:00:00
Link: CVE-2000-1211
JSON object: View
NVD Information
Status : Analyzed
Published: 2000-12-16T05:00:00.000
Modified: 2008-09-05T20:22:55.870
Link: CVE-2000-1211
JSON object: View
Redhat Information
No data.
CWE