Описание
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
Дополнительная информация
https://bugzilla.redhat.com/show_bug.cgi?id=1616664security flaw
Связанные уязвимости
nvd
почти 24 года назад
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
github
больше 3 лет назад
Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.