Description
Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.
Remediation
References
http://packetstormsecurity.com/files/138709/Apache-Shiro-Filter-Bypass.html
http://www.securityfocus.com/archive/1/539397/100/0/threaded
http://www.securityfocus.com/bid/92947
Related Vulnerabilities
CVE-2017-2651 Vulnerability in maven package org.jenkins-ci.plugins:mailer
CVE-2022-24376 Vulnerability in npm package git-promise
CVE-2018-17196 Vulnerability in maven package org.apache.kafka:kafka-clients
CVE-2022-33891 Vulnerability in maven package org.apache.spark:spark-core_2.12
CVE-2020-4038 Vulnerability in npm package graphql-playground-html