Home Packages KEV Critical Insights Jobs Pricing

Loading…

Data from OSV.dev, CISA KEV, and FIRST EPSS.Sync status GitHub

CVE-2000-0483 — Zope DocumentTemplate package allows unauthenticated write · VulnScope

CVE-2000-0483

Zope DocumentTemplate package allows unauthenticated write

EPSS 1.5%

Description

The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.

How to fix CVE-2000-0483

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

PyPI/zope—no fix listed

Is CVE-2000-0483 being exploited?

Low — EPSS is 1.5%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, <= 2.2

References (7)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2000-0483
WEBexchange.xforce.ibmcloud.com/vulnerabilities/4716
WEBweb.archive.org/web/20000819120649/http://archives.neohapsis.com/archives/bugtraq/2000-06/0144.html
WEBweb.archive.org/web/20000819123924/http://archives.neohapsis.com/archives/bugtraq/2000-07/0412.html

Metadata

Published: 5/3/2022
Modified: 11/8/2023

Also known as:

GHSA-j5cc-3h6r-jqh4ghsa

WEBweb.archive.org/web/20010702023709/http://www.securityfocus.com/bid/1354

WEBwww.redhat.com/support/errata/RHSA-2000-038.html

WEBwww.zope.org/Products/Zope/Hotfix_06_16_2000/security_alert