Description

Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.

Remediation

References

CVE-2000-1212

Related Vulnerabilities

MySQL CVE-2016-0659 Vulnerability (CVE-2016-0659)

WordPress Plugin Warranties and Returns for WooCommerce Security Bypass (5.2.1)

XWiki CVE-2023-26474 Vulnerability (CVE-2023-26474)

WordPress Plugin IP Logger 'map-details.php' SQL Injection (3.0)

Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-11585)

Severity

Medium

Classification

CVE-2000-1212

Tags

Missing Update Known Vulnerabilities