A vulnerability was found in Keycloak and classified as problematic. This issue affects the function checkLoginIframe. The manipulation leads to permissive cross-domain policy with untrusted domains.
The identification of this vulnerability is CVE-2024-1249. Access to the local network is required for this attack. There is no exploit available. ...
๐ Keycloak up to 13.0.0 cross site scripting [CVE-2021-20195]
๐ 18.71 Punkte
๐ KeyCloak Admin Console Host Header Reflected cross site scripting
๐ 17.72 Punkte
๐ Keycloak up to 11.x redirect_uri cross site scripting
๐ 17.72 Punkte
๐ Keycloak on Red Hat OIDC Logout Endpoint cross-site request forgery
๐ 17.72 Punkte
๐ KeyCloak Admin Console Host Header Reflected Cross Site Scripting
๐ 17.72 Punkte
๐ Vuln: Keycloak CVE-2016-8629 Security Bypass Vulnerability
๐ 16.1 Punkte
๐ Vuln: Keycloak CVE-2017-2585 Security Bypass Vulnerability
๐ 16.1 Punkte
๐ KeyCloak Oauth privilege escalation [CVE-2017-12160]
๐ 16.1 Punkte
๐ KeyCloak CSRF Prevention privilege escalation [CVE-2017-12159]
๐ 16.1 Punkte
๐ Red Hat KeyCloak up to 2.3.x denial of service [CVE-2016-8629]
๐ 16.1 Punkte
๐ Low CVE-2020-1697: Redhat Keycloak
๐ 16.1 Punkte