Lucene search
K

4 matches found

OSV
OSV
added 2026/04/14 3:30 p.m.7 views

GHSA-M32F-8VH9-2HH3 Keycloak: Arbitrary code execution via Stored Cross-Site Scripting (XSS) in organization selection login page

A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with manage-realm or manage-organizations administrative privileges can exploit a Stored Cross-Site Scripting XSS vulnerability. This flaw occurs because the organization.alias is placed into an...

6.9CVSS6AI score0.00226EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2026/04/14 3:30 p.m.9 views

Keycloak: Arbitrary code execution via Stored Cross-Site Scripting (XSS) in organization selection login page

A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with manage-realm or manage-organizations administrative privileges can exploit a Stored Cross-Site Scripting XSS vulnerability. This flaw occurs because the organization.alias is placed into an...

6.9CVSS6AI score0.00226EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/14 2:54 p.m.6 views

CVE-2026-37980

A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with manage-realm or manage-organizations administrative privileges can exploit a Stored Cross-Site Scripting XSS vulnerability. This flaw occurs because the organization.alias is placed into an...

6.9CVSS6AI score0.00226EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/04/14 2:47 p.m.4 views

CVE-2026-37980

A flaw was found in Keycloak, specifically in the organization selection login page. A remote attacker with manage-realm or manage-organizations administrative privileges can exploit a Stored Cross-Site Scripting XSS vulnerability. This flaw occurs because the organization.alias is placed into an...

6.9CVSS6AI score0.00226EPSS
Exploits0References3
Rows per page
Query Builder