Shiro before 1.10.0, XSS Vulnerability in Pre-Auth Reflection in Shiro's MVC Routing

Versions of Shiro before 1.10.0 are vulnerable to a reflected XSS attack in the pre-auth reflection of Shiro's MVC routing. This allows an attacker to inject malicious code that is then executed in the context of the application. A fix has been released for this issue: https://issues.apache.org/jira/browse/SHIO-1786

Shiro before 1.10.0, LDAP Denial of Service Vulnerability

Versions of Shiro before 1.10.0 are vulnerable to a Denial of Service attack due to an unchecked LDAP server response. An attacker can craft a request that makes the LDAP server respond with a large number of LDAP entries, and can then repeat this request so that the LDAP server is sent an excessive number of entries. This causes the LDAP server to respond with a Denial of Service error and prevents further LDAP requests from being processed. A fix has been released for this issue: https://issues.apache.org/jira/browse/SHIO-1872

Shiro before 1.9.0, CSRF Vulnerability in Async Controller Actions

Versions of Shiro before 1.9.0 are vulnerable to a CSRF Vulnerability in the Async Controller Actions. This allows for bypassing authorization headers, and for attackers to gain unauthorized access to applications. A fix has been released for this issue: https://issues.apache.org/jira/browse/SHIO-1767

Shiro before 1.11.0

Shiro before 1.11.0 is vulnerable to a reflected XSS attack in the pre-auth reflection of Shiro's MVC routing. This allows an attacker to inject malicious code that is then executed in the context of the application. A fix has been released for this issue: https://issues.apache.org/jira/browse/SHIO-1767

Shiro before 1.10.0, SQL Injection Vulnerability

Versions of Shiro before 1.10.0 are vulnerable to an SQL injection attack due to a missing escape character in the getCurrentUser method. An attacker can inject malicious SQL statements into the application and have them executed.

Shiro before 1.10.0, SSI Denial of Service Vulnerability

Versions of Shiro before 1.10.0 are vulnerable to a Denial of Service attack due to an unchecked SSI injection. A malicious user can craft a request that causes the server to respond with a large number of entries. This causes the server to respond with a Denial of Service error and prevents further requests from being processed. A fix has been released for this issue: https://issues.apache.org/jira/browse/SHIO-1941

Timeline

Published on: 10/12/2022 07:15:00 UTC
Last modified on: 11/18/2022 19:15:00 UTC