Apache · Apache Shiro · CVE-2023-46750
**Name of the Vulnerable Software and Affected Versions**
Apache Shiro versions prior to 1.13.0
Apache Shiro versions 2.0.0-alpha-1 through 2.0.0-alpha-3
**Description**
The issue is related to a URL Redirection to Untrusted Site ('Open Redirect') vulnerability when "form" authentication is used in Apache Shiro.
**Recommendations**
Update to Apache Shiro 1.13.0 or later.
Update to Apache Shiro 2.0.0-alpha-4 or later.