A flaw was found in the Keycloak package. This flaw allows an attacker to benefit from an LDAP query and access existing usernames in the server.
CPE | Name | Operator | Version |
---|---|---|---|
org.keycloak:keycloak-services | lt | 23.0.1 | |
org.keycloak:keycloak-ldap-federation | lt | 23.0.1 |