← CVECheck
HomeVulnerabilities

CVE-2001-1278 — HIGH severity vulnerability (Zope before 2.2.4 allows partially trusted users to bypass s)

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.

CVE IDCVE-2001-1278
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-10-10
Last modified2026-04-16
DescriptionZope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →