Description

Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.

Remediation

References

CVE-2002-0170

Related Vulnerabilities

WordPress Plugin Badge Designer Lite For WooCommerce includes Backdoor [Only if downloaded via the vendor website] (1.1.0)

Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.3)

WordPress Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16223)

Moodle Other Vulnerability (CVE-2006-4937)

WordPress Plugin Activity Log Multiple Cross-Site Scripting Vulnerabilities (2.3.2)

Severity

High

Classification

CVE-2002-0170

Tags

Missing Update Known Vulnerabilities