Description

PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.

Remediation

References

CVE-2008-5102

Related Vulnerabilities

WordPress Plugin Duplicator-WordPress Migration Security Bypass (0.5.8)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29210)

WordPress Plugin PhotoSmash Galleries 'action' Parameter Cross-Site Scripting (1.0.2)

WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Cross-Site Scripting (1.4.7.2)

ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051)

Severity

Medium

Classification

CVE-2008-5102

Tags

Missing Update Known Vulnerabilities