Medium
Apache Shiro could allow a remote attacker to bypass security restrictions, caused by improper authentication validation. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions.
Security Bypass
Apache
Apache Shiro 1.5.2
Upgrade to the latest version of Apache Shiro (1.6.0 or later).