Improper Security Registration for Legacy Object Constructors in Zope 2.2.0 - 2.2.4

Improper Security Registration for Legacy Object Constructors in Zope 2.2.0 - 2.2.4

CVE-2000-1211 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.

Learn more about our Web Application Penetration Testing UK.