EPSS
Percentile
99.8%
It was found that Apache Shiro uses a default cipher key for its “remember me” feature. An attacker could use this to devise a malicious request parameter and gain access to unauthorized content.
bugzilla.redhat.com/show_bug.cgi?id=1343346