Description
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, password and session management.
Apache Shiro before 1.7.1 (when used with Spring), is vulnerable to an authentication bypass vulnerability that allows an attacker to bypass authentication using a specially crafted HTTP request .
Remediation
Uprade to the latest version of Apache Shiro.
References
Related Vulnerabilities
WordPress Plugin Premmerce Wholesale Pricing for WooCommerce Security Bypass (1.1.3)
WordPress Plugin YITH WooCommerce Authorize.net Payment Gateway Security Bypass (1.1.12)
WordPress Plugin Content Aware Sidebars-Unlimited Widget Areas Security Bypass (3.8)
WordPress Plugin Premmerce Variation Swatches for WooCommerce Security Bypass (1.0)