Description
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2024-21144 Vulnerability (CVE-2024-21144)
WordPress Plugin WH Testimonials Cross-Site Scripting (3.0.0)
WordPress Plugin WP Infusionsoft WooCommerce Cross-Site Scripting (1.0.8)
SharePoint CVE-2020-0852 Vulnerability (CVE-2020-0852)
WordPress Plugin Secure HTML5 Video Player Cross-Site Scripting (3.14)