THREATOPS
THREAT OPSCVEs › CVE-2016-4437

CVE-2016-4437 — Apache Shiro Code Execution Vulnerability

CISA KEVExploited: confirmedApache

Apache Shiro contains a vulnerability which may allow remote attackers to execute code or bypass intended access restrictions via an unspecified request parameter when a cipher key has not been configured for the "remember me" feature.

Vulnerability details

Related reporting