Zope 2.2.0 up to and including 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zope zope 2.2.0b4 |
||
zope zope 2.2.1 |
||
zope zope 2.2.0b2 |
||
zope zope 2.2.0b3 |
||
zope zope 2.2.0a1 |
||
zope zope 2.2.0b1 |
||
zope zope 2.2.3 |
||
zope zope 2.2.4 |
||
zope zope 2.2.0 |
||
zope zope 2.2.1b1 |
||
zope zope 2.2.2 |