The URL dispatch mechanism in TurboGears2 (aka tg2) before 2.0.2 exposes controller methods even when an @expose decoration is not used, which has unspecified impact and attack vectors.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2010-11-05T22:00:00Z

Updated: 2024-09-17T02:37:16.238Z

Reserved: 2010-11-05T00:00:00Z

Link: CVE-2009-5015

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-11-06T00:00:01.280

Modified: 2024-11-21T01:10:59.603

Link: CVE-2009-5015

cve-icon Redhat

No data.