Description
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Remediation
References
Related Vulnerabilities
WordPress 5.8.x Multiple Prototype Pollution Vulnerabilities (5.8 - 5.8.3)
WordPress Plugin WPMK Ajax Finder Cross-Site Request Forgery (1.0.1)
WordPress 6.1.x Cross-Site Scripting (6.1 - 6.1.5)
WordPress Plugin Advanced Custom Fields (ACF) Security Bypass (5.12)
Apache Traffic Server Improper Input Validation Vulnerability (CVE-2018-1318)