Author: bdemers
Date: Mon Aug 17 17:19:25 2020
New Revision: 1880941
URL: http://svn.apache.org/viewvc?rev=1880941&view=rev
Log:
updating shiro site
Modified:
shiro/site/publish/security-reports.html
Modified: shiro/site/publish/security-reports.html
URL:
http://svn.apache.org/viewvc/shiro/site/publish/security-reports.html?rev=1880941&r1=1880940&r2=1880941&view=diff
==============================================================================
--- shiro/site/publish/security-reports.html (original)
+++ shiro/site/publish/security-reports.html Mon Aug 17 17:19:25 2020
@@ -235,6 +235,8 @@
</ul>
<p>A <a href="http://www.apache.org/security/committers.html";>more detailed
description of the process</a> has been written for committers. Reporters of
security vulnerabilities may also find it useful.</p>
<h2><a href="#apache-shiro-vulnerability-reports"
name="apache-shiro-vulnerability-reports">Apache Shiro Vulnerability
Reports</a></h2>
+<h3><a
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13933";>CVE-2020-13933</a></h3>
+<p>Apache Shiro before 1.6.0, when using Apache Shiro, a specially crafted
HTTP request may cause an authentication bypass.</p>
<h3><a
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11989";>CVE-2020-11989</a></h3>
<p>Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic
controllers, a specially crafted request may cause an authentication bypass.</p>
<h3><a
href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1957";>CVE-2020-1957</a></h3>
