CVE-2020-13933

This repository contains a proof-of-concept for CVE-2020-13933, an authentication bypass vulnerability in Apache Shiro versions before 1.6.0. The exploit leverages a discrepancy in path normalization between Shiro and Spring, allowing attackers to bypass authentication by using a semicolon in the URL path.

This repository contains a functional proof-of-concept for CVE-2020-13933, an authentication bypass vulnerability in Apache Shiro. The code demonstrates a misconfiguration in Shiro's URL path matching, allowing unauthorized access to protected endpoints.

This repository contains a writeup for CVE-2020-13933, an Apache Shiro authentication bypass vulnerability. It references a blog post for environment setup and exploitation steps but does not include actual exploit code.

This repository contains a functional proof-of-concept for CVE-2020-13933, an authentication bypass vulnerability in Apache Shiro versions before 1.6.0. The exploit leverages URL-encoded semicolons to bypass authentication checks in Shiro's path normalization logic.