[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[oss-security] CVE-2021-41303: Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass



Description:

Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a
specially crafted HTTP request may cause an authentication bypass.

Users should update to Apache Shiro 1.8.0.

Credit:

Apache Shiro would like to thank tsug0d for reporting this issue.