Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2022-1438

Disclosure Date: September 20, 2023 (last updated February 25, 2025)
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting (XSS) vulnerability.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0