exploitDog

CVE-2022-2256

Published: 28 Jun 2022
Source: redhat
CVSS3: 3.8

Description

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

Additional information

Status: Low
Defect: CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=2101942 keycloak: improper input validation permits script injection

3.8 Low

CVSS3

Related vulnerabilities

CVSS3: 3.8
nvd
more than 3 years ago

A Stored Cross-site scripting (XSS) vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality.

CVSS3: 3.8
debian
more than 3 years ago

A Stored Cross-site scripting (XSS) vulnerability was found in keycloa ...

CVSS3: 5.4
github
more than 3 years ago

Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles
