Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2023-6787
- EPSS 0.42%
- Veröffentlicht 25.04.2024 16:15:10
- Zuletzt bearbeitet 30.06.2025 13:49:15
A flaw was found in Keycloak that occurs from an error in the re-authentication mechanism within org.keycloak.authentication. This flaw allows hijacking an active Keycloak session by triggering a new authentication process with the query parameter "p...
8.1
CVE-2024-1132
- EPSS 0.24%
- Veröffentlicht 17.04.2024 14:15:07
- Zuletzt bearbeitet 30.06.2025 13:58:57
A flaw was found in Keycloak, where it does not properly validate URLs included in a redirect. This issue could allow an attacker to construct a malicious request to bypass validation and access other URLs and sensitive information within the domain ...