CVE-2020-11989
maven/org.apache.shiro/shiro-all
Improper Authentication
When using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
All versions before 1.5.3
Upgrade to version 1.5.3 or above.
2020-06-29
source |