Lucene search
K

keycloak: reflected XSS using HOST header

🗓️ 17 Oct 2017 19:53:19Reported by RedHatType 
redhat
 redhat
🔗 access.redhat.com👁 5 Views

Keycloak accepts HOST header URLs in admin console, enabling reflected cross-site scripting.

Related
Packages
Refs
ReporterTitlePublishedViews
Family
Chainguard
CVE-2017-12158 vulnerabilities
12 Jan 202601:24
cgr
CNVD
Red Hat Keycloak Cross-Site Scripting Vulnerability
27 Oct 201700:00
cnvd
CVE
CVE-2017-12158
26 Oct 201717:00
cve
Cvelist
CVE-2017-12158
26 Oct 201717:00
cvelist
EUVD
EUVD-2022-5267
3 Oct 202520:07
euvd
Github Security Blog
Keycloak Reflected XSS
13 May 202201:38
github
NVD
CVE-2017-12158
26 Oct 201717:29
nvd
OSV
CGA-4W2C-V5HW-5V5C
6 Jun 202412:22
osv
OSV
CGA-V4RP-X7W9-P25F
12 Jan 202601:07
osv
OSV
CLEANSTART-2026-FA60324 It was found that the cookie used for CSRF prevention in Keycloak was not unique to each session
15 Apr 202600:42
osv
Rows per page
OSOS VersionArchitecturePackagePackage VersionFilename
Red Hat Enterprise Linux7anyrh-sso7-keycloak0:2.5.14-1.Final_redhat_1.1.jbcs.el7.noarchrh-sso7-keycloak-0:2.5.14-1.Final_redhat_1.1.jbcs.el7.noarch.noarch.rpm
Red Hat Enterprise Linux7anyrh-sso7-keycloak-server0:2.5.14-1.Final_redhat_1.1.jbcs.el7.noarchrh-sso7-keycloak-server-0:2.5.14-1.Final_redhat_1.1.jbcs.el7.noarch.noarch.rpm

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

28 Jun 2026 12:10Current
5.8Medium risk
Vulners AI Score5.8
CVSS 23.5
CVSS 35.4
EPSS0.01021
5