Description
Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.
Remediation
References
http://packetstormsecurity.com/files/138709/Apache-Shiro-Filter-Bypass.html
http://www.securityfocus.com/archive/1/539397/100/0/threaded
http://www.securityfocus.com/bid/92947
Related Vulnerabilities
CVE-2020-13973 Vulnerability in maven package com.mikesamuel:json-sanitizer
CVE-2021-3815 Vulnerability in npm package @fabiocaccamo/utils.js
CVE-2019-20149 Vulnerability in maven package org.webjars.npm:kind-of
CVE-2016-7191 Vulnerability in npm package passport-azure-ad
CVE-2018-20676 Vulnerability in maven package org.fujion.webjars:bootstrap