Debian Security Advisory
zope -- unauthorized escalation of privilege
- Date Reported:
- 11 Aug 2000
- Affected Packages:
- zope
- Vulnerable:
- Yes
- Security database references:
- No other external database security references currently available.
- More information:
- On versions of Zope prior to 2.2beta1 it was possible for
a user with the ability to edit DTML to gain unauthorized access to extra
roles during a request.
Note: This report has been superseded.
- Fixed in:
- 2000-08-21