[Zope-Annce] Hotfix for cross-site scripting vulnerability

Martijn Pieters mj at zopatista.com
Wed Mar 21 15:20:23 EDT 2007

On 3/20/07, Martijn Pieters <mj at zopatista.com> wrote:
> A vulnerability has been discovered in Zope, where by certain types of
> misuse of HTTP GET, an attacker could gain elevated privileges. All
> Zope versions up to and including 2.10.2 are affected.

This hotfix has been assigned a CVE:


Martijn Pieters

More information about the Zope-Announce mailing list