Description
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
Remediation
References
Related Vulnerabilities
WordPress Plugin Media from FTP PHP Object Injection (9.79)
Internet Information Services Other Vulnerability (CVE-2000-1090)
PHP CVE-2022-31629 Vulnerability (CVE-2022-31629)
WordPress Plugin s2Member Framework 's2_invoice' Parameter Remote Security Bypass (111105)
Python Integer Overflow or Wraparound Vulnerability (CVE-2008-2315)