|
|
Log in / Subscribe / Register

shiro: access control bypass

Package(s):shiro CVE #(s):CVE-2016-6802
Created:September 23, 2016 Updated:September 28, 2016
Description:

From the CVE entry:

Apache Shiro before 1.3.2, when using a non-root servlet context path, specifically crafted requests can be used to by pass some security servlet filters, resulting in unauthorized access.

Alerts:
Fedora FEDORA-2016-744 shiro 2016-09-23
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds