淚笑

**Name of the Vulnerable Software and Affected Versions** Apache Shiro versions prior to 1.5.3 **Description** A specially crafted request may cause an authentication bypass when using Apache Shiro with Spring dynamic controllers. Apache Shiro is a Java security framework that handles authentication, authorization, cryptography, and session management. **Recommendations** For versions prior to 1.5.3, update to version 1.5.3 or later to resolve the issue. As a temporary workaround, consider restricting access to dynamic controllers to minimize the risk of exploitation.