zope -- cross-site scripting vulnerability

ID 34414A1E-E377-11DB-B8AB-000C76189C4C
Type freebsd
Reporter FreeBSD
Modified 2009-03-22T00:00:00


The Zope Team reports:

A vulnerability has been discovered in Zope, where by certain types of misuse of HTTP GET, an attacker could gain elevated privileges. All Zope versions up to and including 2.10.2 are affected.