Description
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2008-7233 Vulnerability (CVE-2008-7233)
WordPress Plugin FV Flowplayer Video Player Multiple Vulnerabilities (7.3.14.727)
WordPress Plugin WP Activity Log Security Bypass (3.3.1.1)
WordPress Plugin Dropdown and scrollable Text Cross-Site Scripting (2.0)
MediaWiki Resource Management Errors Vulnerability (CVE-2015-2937)