CVE-2026-48589 | Apache Shiro up to 2.2.0/3.0.0-alpha-1 Jakarta EE redirect

A vulnerability categorized as problematic has been discovered in Apache Shiro up to 2.2.0/3.0.0-alpha-1. Affected is an unknown function of the component Jakarta EE Module. The manipulation results in open redirect.

This vulnerability is reported as CVE-2026-48589. The attack can be launched remotely. No exploit exists.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More