First published: Tue Sep 20 2016(Updated: )
Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apache Shiro | =1.3.1 | |
debian/shiro | 1.3.2-4+deb11u1 1.3.2-5 | |
=1.3.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.