You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@shiro.apache.org by "Brian Demers (Jira)" <ji...@apache.org> on 2020/06/19 14:57:00 UTC

[jira] [Commented] (SHIRO-782) Bypass shiroFilter ACL

    [ https://issues.apache.org/jira/browse/SHIRO-782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17140611#comment-17140611 ] 

Brian Demers commented on SHIRO-782:
------------------------------------

Thank you for keeping the details private to allow for responsible disclosure.  Please don't open a bug report, as the issue needs to be confirmed first.

> Bypass shiroFilter ACL
> ----------------------
>
>                 Key: SHIRO-782
>                 URL: https://issues.apache.org/jira/browse/SHIRO-782
>             Project: Shiro
>          Issue Type: Bug
>          Components: Authorization (access control) 
>    Affects Versions: 1.5.3
>            Reporter: 淚笑
>            Priority: Major
>
> I found a way to bypass shiroFilter's access control,I have emailed details of the vulnerability to security@apache.org,my email address is 1729888211@qq.com



--
This message was sent by Atlassian Jira
(v8.3.4#803005)