CMS Zope discloses information
An update for the open source platform for content management systems Zope fixes a vulnerability in the docutils module. Using the csv_table directive for restructuring text, it could be possible to gain access to confidential data on a system. According to a bug report, however, only systems which allow non-authenticated users to generate text over the internet are at risk. Versions 2.7.0. to 2.7.9. and 2.8.0. to 2.8.8 are affected. The update also fixes a further, unspecified security problem.
- Hotfix-20060821 README, bug report from Zope
(ehe)