New: Corgea AI Pentesting — autonomous penetration testing in hours, not weeks
MEDIUM 4.8 Maven

Cross-site Scripting in keycloak

GHSA-484q-784p-8m5h · CVE-2020-10776

Published · Modified

Description

A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. This flaw allows an attacker to perform a Cross-site scripting attack.

Ready to move

Start Securing

Free, no credit card | First findings in minutes