org.keycloak:keycloak-services is vulnerable to Improper Authentication. This vulnerability is due to improperly enforcement of token types, allowing an authenticated attacker to exchange a logout token for an access token, potentially accessing data beyond permitted permissions.
CPE | Name | Operator | Version |
---|---|---|---|
keycloak rest services | le | 22.0.5 | |
keycloak rest services | le | 24.0.2 | |
keycloak rest services | le | 22.0.5 | |
keycloak rest services | le | 24.0.2 |