Description: Apache Shiro before 1.8.0, when using Apache Shiro with Spring Boot, a specially crafted HTTP request may cause an authentication bypass.
Users should update to Apache Shiro 1.8.0. Credit: Apache Shiro would like to thank tsug0d for reporting this issue.