Severity: important
Affected versions:
- Apache Shiro before 1.12.0
- Apache Shiro before 2.0.0-alpha-3
Description:
Apache Shiro, before 1.12.0 or 2.0.0-alpha-3, may be susceptible to a path
traversal attack that results in an authentication bypass when used together
with APIs or other web
+1 (binding)
Thanks Lenny!
regards,
François
On 21/07/2023 22:20, le...@flowlogix.com wrote:
This is a call to vote in favor of releasing Apache Shiro version 2.0.0-alpha-3
Maven Staging repo:
https://repository.apache.org/content/repositories/orgapacheshiro-1052