ZopeCVEs & Vulnerabilities
51 CVEs affecting Zope products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
51 CVEs→ All vendors
Most Affected Products
zope 526zodb 59restrictedpython 4accesscontrol 3products.pluggableauthservice 2products.genericsetup 1sqlalchemyda 1products.cmfcore 1
CVE-2000-0725HIGH
Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who can edit DTML to add or modify roles by modifying the roles list that is included in a request.
20 Oct 2000
7.2
CVSS
CVE-2000-0483HIGH
The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.
15 Jun 2000
7.5
CVSS
CVE-2000-0062CRITICAL
The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities.
4 Jan 2000
10.0
CVSS