Products.PluggableAuthService 信息泄露漏洞

Jens Vagelpohl Products.PluggableAuthService is an open source application by Jens Vagelpohl. The product defines a fully pluggable user folder for use by all Zope sites. An information disclosure vulnerability exists in Products.PluggableAuthService that allows anyone to list the names of roles...