Description

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.

Remediation

References

CVE-2001-1227

Related Vulnerabilities

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5338)

WordPress Plugin YITH WooCommerce Zoom Magnifier Security Bypass (1.3.11)

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Multiple Cross-Site Scripting Vulnerabilities (4.0.7)

Liferay Portal CVE-2022-45320 Vulnerability (CVE-2022-45320)

WordPress Plugin Photo Gallery, Images, Slider in Rbs Image Gallery Cross-Site Request Forgery (3.2.9)

Severity

High

Classification

CVE-2001-1227

Tags

Missing Update Known Vulnerabilities