[zope2-tracker] [Bug 1002242] Re: TALES: Non-simple path expressions may be evaluated in a string expression

Tres Seaver tseaver at palladion.com
Wed May 23 15:33:35 UTC 2012


Thanks for the report:  I wouldn't class it as a security vulnerability, but
merely a failure to enforce the TALES spec:

 http://wiki.zope.org/ZPT/TALESSpecification13

** Changed in: zope.tales
       Status: New => Confirmed

** Changed in: zope.tales
     Assignee: (unassigned) => Tres Seaver (tseaver)

** Visibility changed to: Public

** This bug is no longer flagged as a security vulnerability

-- 
You received this bug notification because you are a member of Zope 2
Developers, which is subscribed to Zope 2.
https://bugs.launchpad.net/bugs/1002242

Title:
  TALES: Non-simple path expressions may be evaluated in a string
  expression

To manage notifications about this bug go to:
https://bugs.launchpad.net/zope.tales/+bug/1002242/+subscriptions


More information about the zope2-tracker mailing list