Apache Shiro before 1.3.2 allows attackers to bypass intended servlet filters and gain access by leveraging use of a non-root servlet context path.
{ "nvd_published_at": "2016-09-20T19:59:00Z", "github_reviewed_at": "2022-11-04T22:45:53Z", "severity": "HIGH", "github_reviewed": true, "cwe_ids": [ "CWE-284" ] }