oss-sec mailing list archives

CVE-2022-32532: Apache Shiro: Authentication Bypass Vulnerability
From: Brian Demers <bdemers () apache org>
Date: Tue, 28 Jun 2022 15:32:01 -0400

Description:

In Apache Shiro before 1.9.1, a RegexRequestMatcher can be misconfigured
so that it is bypassed on some servlet containers. Applications using
RegExPatternMatcher with `.` in the regular expression are possibly
vulnerable to an authorization bypass.
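The advisory only tells you which configurations to look at (RegExPatternMatcher plus a `.` in a filter-chain pattern). The script below is an added example written for this post, not Shiro project code, that audits a shiro.ini for that combination: it checks whether the `[main]` section references RegExPatternMatcher and, if so, lists every `[urls]` pattern containing an unescaped `.`. The sample ini files are constructed; the `filterChainResolver.pathMatcher` key in the first sample is an assumption about how a deployment might wire the matcher in, and the check deliberately keys on the class name rather than on that key.

```python
import re
from typing import Dict, List

# A '.' metacharacter that is not escaped as '\.' (an escaped dot is a literal, not a wildcard).
UNESCAPED_DOT = re.compile(r"(?<!\\)\.")

# Constructed sample: regex matching enabled, filter chain written as regular expressions.
# The 'filterChainResolver.pathMatcher' key is an assumption; only the class name is checked.
SAMPLE_REGEX_INI = r"""
[main]
filterChainResolver.pathMatcher = org.apache.shiro.util.RegExPatternMatcher

[urls]
/login = anon
/static/.* = anon
/report\.pdf = authc
/admin/.* = authc, roles[admin]
/api/v1/.* = authc
/health = anon
"""

# Constructed sample: default Ant-style matching, so a '.' here is not a regex wildcard.
SAMPLE_ANT_INI = """
[urls]
/admin/** = authc, roles[admin]
/files/*.pdf = authc
/login = anon
"""


def parse_ini_sections(text: str) -> Dict[str, List[str]]:
    """Split a shiro.ini file into its [section] blocks, dropping blank and comment lines."""
    sections: Dict[str, List[str]] = {}
    current = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, [])
            continue
        sections.setdefault(current, []).append(line)
    return sections


def uses_regex_matcher(sections: Dict[str, List[str]]) -> bool:
    """True if any [main] line wires in RegExPatternMatcher (the class named in the advisory)."""
    return any("RegExPatternMatcher" in line for line in sections.get("main", []))


def url_patterns(sections: Dict[str, List[str]]) -> List[str]:
    """Return the left-hand side (the path pattern) of every [urls] entry, in file order."""
    patterns: List[str] = []
    for line in sections.get("urls", []):
        pattern = line.split("=", 1)[0].strip()
        if pattern:
            patterns.append(pattern)
    return patterns


def audit_shiro_ini(text: str) -> Dict[str, object]:
    """Report whether regex matching is in use and which patterns carry an unescaped '.'.

    'dot_patterns' lists every such pattern regardless of matcher; 'flagged' is the
    subset that matters for this advisory, i.e. only when RegExPatternMatcher is in use.
    """
    sections = parse_ini_sections(text)
    regex_in_use = uses_regex_matcher(sections)
    dot_patterns = [p for p in url_patterns(sections) if UNESCAPED_DOT.search(p)]
    return {
        "regex_matcher": regex_in_use,
        "dot_patterns": dot_patterns,
        "flagged": dot_patterns if regex_in_use else [],
    }


if __name__ == "__main__":
    for name, ini in (("regex", SAMPLE_REGEX_INI), ("ant", SAMPLE_ANT_INI)):
        print(name, audit_shiro_ini(ini))
```

A non-empty `flagged` list on a Shiro version below 1.9.1 is the signal to upgrade; the Ant-style sample shows why the matcher check matters, since `/files/*.pdf` contains a `.` but is not a regular expression at all.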

Credit:

Apache Shiro would like to thank 4ra1n for reporting this issue.
