GitHub Advisory DatabaseGHSA-J5CC-3H6R-JQH4Zope DocumentTemplate package allows unauthenticated write
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%
The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.
References
www.redhat.com/support/errata/RHSA-2000-038.html
www.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert
exchange.xforce.ibmcloud.com/vulnerabilities/4716
github.com/advisories/GHSA-j5cc-3h6r-jqh4
nvd.nist.gov/vuln/detail/CVE-2000-0483
web.archive.org/web/20000819120649/archives.neohapsis.com/archives/bugtraq/2000-06/0144.html
web.archive.org/web/20000819123924/archives.neohapsis.com/archives/bugtraq/2000-07/0412.html
web.archive.org/web/20010702023709/www.securityfocus.com/bid/1354
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.016 Low
EPSS
Percentile
87.2%