Zope 2.2.0 up to and including 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow malicious users to perform unauthorized activities.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zope zope 2.2.1b1 |
||
zope zope 2.2.2 |
||
zope zope 2.2.3 |
||
zope zope 2.2.4 |
||
zope zope 2.2.0b3 |
||
zope zope 2.2.1 |
||
zope zope 2.2.0 |
||
zope zope 2.2.0a1 |
||
zope zope 2.2.0b1 |
||
zope zope 2.2.0b2 |
||
zope zope 2.2.0b4 |