Description
PythonScripts in Zope 2 2.11.2 and earlier, as used in Conga and other products, allows remote authenticated users to cause a denial of service (resource consumption or application halt) via certain (1) raise or (2) import statements.
Remediation
References
Related Vulnerabilities
WordPress Plugin Simple:Press-WordPress Forum Arbitrary File Upload (6.6.0)
Envoy mishandles dropped and truncated datagrams Issue (CVE-2020-35471)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-8707)
Atlassian Confluence Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)