High
Apache Shiro could allow a remote attacker to bypass security restrictions, caused by a flaw when using Spring. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to bypass access restrictions.
Bypass Security
Upgrade to the latest version of Apache Shiro (1.7.0 or later).