CVE-2000-1212
Zope allows attackers to modify raw image and file data
EPSS 0.86%
Description
Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects, which allows attackers with DTML editing privileges to modify the raw data of these objects.
How to fix CVE-2000-1212
No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.
- PyPI/zope—no fix listed
Is CVE-2000-1212 being exploited?
Low — EPSS is 0.9%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- >= 2.2.0, <= 2.2.4