Description
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.
Remediation
References
Related Vulnerabilities
WordPress Plugin St-Daily-Tip Cross-Site Request Forgery (4.7)
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22881)
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)
MediaWiki Improper Authentication Vulnerability (CVE-2014-2665)
PHP-Fusion Improper Privilege Management Vulnerability (CVE-2020-24949)