zope -- cross-site scripting vulnerability

2007-01-16T00:00:00
ID 34414A1E-E377-11DB-B8AB-000C76189C4C
Type freebsd
Reporter FreeBSD
Modified 2009-03-22T00:00:00

Description

The Zope Team reports:

A vulnerability has been discovered in Zope, where by certain types of misuse of HTTP GET, an attacker could gain elevated privileges. All Zope versions up to and including 2.10.2 are affected.