Apache Shiro versions prior to 1.3.2, when using a non-root servlet context path, allowed specifically crafted requests can be used to bypass some security servlet filters, resulting in unauthorized access.
Apache Shiro versions prior to 1.3.2, when using a non-root servlet context path, allowed specifically crafted requests can be used to bypass some security servlet filters, resulting in unauthorized access.