CVE-2022-40664 Information

Description

Apache Shiro before 1.10.0 Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.

Reference

https://lists.apache.org/thread/loc2ktxng32xpy7lfwxto13k4lvnhjwg http://www.openwall.com/lists/oss-security/2022/10/12/1 http://www.openwall.com/lists/oss-security/2022/10/12/2