Description
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Filter Gallery Cross-Site Scripting (0.1.5)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)
MySQL CVE-2020-14878 Vulnerability (CVE-2020-14878)
TYPO3 Other Vulnerability (CVE-2012-3530)
WordPress Plugin VK All in One Expansion Unit Cross-Site Scripting (9.85.0.1)