You are viewing a plain text version of this content. The canonical link for it is here.
Posted to announce@apache.org by Brian Demers <bd...@apache.org> on 2021/09/16 20:22:29 UTC
CVE-2021-41303: Apache Shiro before 1.8.0, when using Apache Shiro
with Spring Boot, a specially crafted HTTP request may cause an
authentication bypass
Description:
Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a
specially crafted HTTP request may cause an authentication bypass.
Users should update to Apache Shiro 1.8.0.
Credit:
Apache Shiro would like to thank tsug0d for reporting this issue.