Description

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Remediation

References

CVE-2000-1211

Related Vulnerabilities

WordPress Plugin Pike Firewall Information Disclosure (1.4)

Magento Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2020-9582)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-2243)

MySQL CVE-2014-0431 Vulnerability (CVE-2014-0431)

Joomla! Core 3.x.x Directory Traversal (3.0.0 - 3.9.24)

Severity

High

Classification

CVE-2000-1211

Tags

Missing Update Known Vulnerabilities