Описание
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:zope:zope:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:zope:zope:2.5.1:*:*:*:*:*:*:*
EPSS
Процентиль: 69%
0.00602
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
redhat
около 23 лет назад
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
debian
почти 23 года назад
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 ...
github
около 3 лет назад
ZCatalog plug-in for Zope allows anonymous users to bypass access restrictions
EPSS
Процентиль: 69%
0.00602
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other