CVE-2020-17510
maven/org.apache.shiro/shiro-all
Missing Authentication for Critical Function
Apache Shiro, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass.
All versions before 1.7.0
Upgrade to version 1.7.0 or above.
2020-11-16
source |