CVE-2022-2668

Опубликовано: 05 авг. 2022

Источник: debian

EPSS Низкий

Описание

An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
keycloak	itp			package

EPSS

Процентиль: 64%

0.00473

Низкий

Связанные уязвимости

CVE-2022-2668

CVSS3: 6.4

redhat

больше 3 лет назад

An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled

CVE-2022-2668

CVSS3: 7.2

nvd

больше 3 лет назад

An issue was discovered in Keycloak that allows arbitrary Javascript to be uploaded for the SAML protocol mapper even if the UPLOAD_SCRIPTS feature is disabled

GHSA-wf7g-7h6h-678v

CVSS3: 7.2

github

больше 3 лет назад

Keycloak SAML javascript protocol mapper: Uploading of scripts through admin console

EPSS

Процентиль: 64%

0.00473

Низкий