You are not logged in Log in Join
You are here: Home » Download Zope Products » Zope » Hotfix-2007-03-20

Log in



Folder icon Hotfix-2007-03-20

This hotfix corrects a cross-site scripting vulnerability in Zope2, where an attacker can use a hidden GET request to leverage a authenticated user's credentials to alter security settings and/or user accounts.

 Title   Type   Size   Modified   Status 
 CVE-2007-0240: Hotfix for cross-site scripting vulnerability Edit object News Item 1 K 2007-03-21 published
 Hotfix-20070320 Edit object Software Release   2007-03-25 published