CVE-2024-4028

CVE-2024-4028 affects Keycloak. The issue allows a privileged attacker to supply a malicious payload as a permission during admin-console item (Resource/Permissions) creation, resulting in stored XSS. Description and related entries consistently describe this XSS path; exploitation details are no...