Description

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.

Remediation

References

CVE-2002-0170

Related Vulnerabilities

Dotclear Improper Access Control Vulnerability (CVE-2015-8832)

WordPress Plugin Rezgo Online Booking Cross-Site Scripting (4.1.7)

WordPress Plugin MaxBlogPress Max Banner Ads Cross-Site Scripting (1.9)

WordPress Plugin Social Network Tabs Information Disclosure (1.7.1)

WordPress Plugin WP Social Feed Gallery Cross-Site Request Forgery (2.4.7)

Severity

High

Classification

CVE-2002-0170

Tags

Missing Update Known Vulnerabilities