The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2010-11-05 17:00
Updated : 2010-11-09 10:12
NVD link : CVE-2009-5015
Mitre link : CVE-2009-5015
JSON object : View
CWE
Products Affected
turbogears
- turbogears2