GHSA-hgpg-593r-hhvp

Published: 09 Feb 2022
Source: github
Github: Reviewed
CVSS3: 6.1

Description

Cross-site Scripting in Keycloak

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.

Packages

Name: org.keycloak:keycloak-parent (maven)
Affected versions: <= 10.0.1
Fixed version: 10.0.2

EPSS

Percentile: 50%
0.00271
Low

6.1 Medium

CVSS3

Weaknesses

CWE-79

Related vulnerabilities

CVSS3: 6.1
redhat
more than 5 years ago

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.

CVSS3: 6.1
nvd
more than 5 years ago

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances. This flaw allows an attacker to conduct cross-site scripting or further attacks.

CVSS3: 6.1
debian
more than 5 years ago

A flaw was found in Keycloak's data filter, in version 10.0.1, where i ...
