Описание
A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.
Ссылки
- Issue TrackingVendor Advisory
- Issue TrackingVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:redhat:keycloak_node.js_adapter:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 30%
0.00113
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
CWE-601
Связанные уязвимости
CVSS3: 6.8
redhat
почти 3 года назад
A flaw was found in the Keycloak Node.js Adapter. This flaw allows an attacker to benefit from an Open Redirect vulnerability in the checkSso function.
CVSS3: 6.1
debian
почти 3 года назад
A flaw was found in the Keycloak Node.js Adapter. This flaw allows an ...
CVSS3: 6.1
github
почти 3 года назад
keycloak-connect contains Open redirect vulnerability in the Node.js adapter
EPSS
Процентиль: 30%
0.00113
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-601
CWE-601