AccessControl is vulnerable to sandbox escapes. Attackers can use the str.format
function through web templates to access private content. Note: this is only relevant for projects using Python 2.6 or greater.
CPE | Name | Operator | Version |
---|---|---|---|
accesscontrol | le | 4.0a7 |