CVE-2020-17510 Information

Description

Apache Shiro before 1.7.0 when using Apache Shiro with Spring a specially crafted HTTP request may cause an authentication bypass.

Reference

https://lists.apache.org/thread.html/r95bdf3703858b5f958b5e190d747421771b430d97095880db91980d6@3Cannounce.apache.org3E https://lists.apache.org/thread.html/rc2cff2538b683d480426393eecf1ce8dd80e052fbef49303b4f47171403Cdev.shiro.apache.org3E