[org.apache.shiro:shiro-core] Apache Shiro Authentication Bypass vulnerability

Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-40664
• https://lists.apache.org/thread/loc2ktxng32xpy7lfwxto13k4lvnhjwg
• https://shiro.apache.org/blog/2022/10/10/2022/apache-shiro-1101-released.html
• http://www.openwall.com/lists/oss-security/2022/10/12/1
• http://www.openwall.com/lists/oss-security/2022/10/12/2
• http://www.openwall.com/lists/oss-security/2022/10/13/1
• https://github.com/advisories/GHSA-45×9-q6vj-cqgq