Swifty Tk

#24423 of 53,639
9.8 total CVSS
Vulnerabilities · 1
PT-2023-4009
9.8
2023-06-07
Apache · Apache Shiro · CVE-2023-34478
**Name of the Vulnerable Software and Affected Versions**
Apache Shiro versions prior to 1.12.0 or 2.0.0-alpha-3

**Description**
The issue is related to a path traversal attack that can result in an authentication bypass when Apache Shiro is used together with APIs or other web frameworks that route requests based on non-normalized requests. This can allow a remote attacker to bypass security restrictions by sending specially crafted requests.

**Recommendations**
Update to Apache Shiro 1.12.0+ or 2.0.0-alpha-3+ to resolve the issue.