Products.GenericSetup 1.4.5: "manage_importAllSteps" unprotected
Bug #850665 reported by
Dieter Maurer
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Zope CMF buildout |
Fix Released
|
Undecided
|
Tres Seaver |
Bug Description
In "Products.
security.
def manage_
... apparently a copy and paste error.
Changed in zope-cmf: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
Thanks for the report. I have confirmed that the method cannot be
called either via URL or from untrusted code without appropriate permissions.
I am therefore clearing the "security vulnerability" flag on the issue.