Description
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Remediation
References
Related Vulnerabilities
WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)
WordPress Plugin Chief Editor Multiple Vulnerabilities (3.7.1)
WordPress Plugin Contact Form Check Tester Cross-Site Scripting (1.0.2)
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4112)