CVE-2020-11989
Improper Authentication in maven/org.apache.shiro/shiro-all
Identifiers
CVE-2020-11989
Package Slug
maven/org.apache.shiro/shiro-all
Vulnerability
Improper Authentication
Description
When using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
Affected Versions
All versions before 1.5.3
Solution
Upgrade to version 1.5.3 or above.
Last Modified
2020-06-29
| source |