Description

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.

Remediation

References

CVE-2002-0170

Related Vulnerabilities

WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)

WordPress Plugin Chief Editor Multiple Vulnerabilities (3.7.1)

Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability (CVE-2021-22885)

WordPress Plugin Contact Form Check Tester Cross-Site Scripting (1.0.2)

Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4112)

Severity

High

Classification

CVE-2002-0170

Tags

Missing Update Known Vulnerabilities