You are not logged in Log in Join
You are here: Home » Download Zope Products » Zope » Hotfix-200400807 » Hotfix-20040807 Alert
Log in
Name

Password

 
Link icon Forgot your password?
Print

Hotfix-20040807 Alert

This hotfix repairs a failed permission check in OFS.CopySupport's cut-paste handling.

Overview

This hotfix addresses a security issue reported in CMF Collector #259 (http://zope.org/Collectors/CMF/259). This issue concerns a defective privilege check in the OFS.CopySupport module, which may permit unprivilieged (but authenticated) users of a site to move content into a folder under their control.

Affected Versions

This issue affects Zope version 2.7.2 and earlier, and has been resolved for Zope version 2.7.3 and later. Users of affected Zope versions should remove the hotfix after upgrading to version 2.7.3 or later.

Getting the Hotfix

The hotfix product is available from the zope.org site

Please see the README.txt for a description of the problem and installation directions for the hotfix.

Comment

Discussion icon Insufficient Privileges

Posted by: peterbe at 2004-08-11

Why do I get Insufficient Privileges when trying to access: http://zope.org/Collectors/CMF/259 ?
Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)