Zope Web Application Server Other Vulnerability (CVE-2000-0725)

Description

Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request.

Remediation

References

CVE-2000-0725

Related Vulnerabilities

Magento Observable Differences in Behavior to Error Inputs Vulnerability (CVE-2020-15151)

WordPress Plugin Business Directory-Easy Listing Directories for WordPress PHP Object Injection (4.1.14)

Oracle Database Server CVE-2011-0882 Vulnerability (CVE-2011-0882)

WordPress Plugin Image Gallery-Responsive Photo Gallery Multiple Unspecified Vulnerabilities (1.9.58)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2403)

Severity

High

Classification

CVE-2000-0725

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities