Public CVE-2020-8559 disclosure

OMERO.server before 5.6.1 allows attackers to bypass the security filters and access hidden objects via a crafted query.