Описание
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| keycloak | itp | package |
EPSS
Связанные уязвимости
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.
A log injection flaw was found in Keycloak. A text string may be injected through the authentication form when using the WebAuthn authentication mode. This issue may have a minor impact to the logs integrity.
Keycloak vulnerable to log Injection during WebAuthn authentication or registration
Уязвимость механизма аутентификации WebAuthn программного средства для управления идентификацией и доступом Keycloak, позволяющая нарушителю оказать влияние на целостность защищаемой информации
EPSS