9 matches found
keycloak: Keycloak: Attacker can re-enable and take over disabled clients via Registration Access Token
A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...
EUVD-2026-39474
A flaw was found in Keycloak's client registration service. A remote attacker, possessing a previously issued Registration Access Token RAT, could exploit this vulnerability to re-enable a client that an administrator had explicitly disabled. This bypasses security controls, allowing the attacker...
PT-2026-52508
Name of the Vulnerable Software and Affected Versions Keycloak affected versions not specified Description A flaw in the client registration service allows a remote attacker with a previously issued Registration Access Token RAT to re-enable a client that was explicitly disabled by an...
EUVD-2022-3693
Malicious code in bioql PyPI...
GHSA-F5CH-36RG-VFCC Cross-Site Request Forgery in Apache CXF Fediz
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...
Cross-Site Request Forgery in Apache CXF Fediz
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...
Cross site request forgery (csrf)
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...
CVE-2017-7662
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...
CVE-2017-7662
Apache CXF Fediz ships with an OpenId Connect OIDC service which has a Client Registration Service, which is a simple web application that allows clients to be created, deleted, etc. A CSRF Cross Style Request Forgery style vulnerability has been found in this web application in Apache CXF Fediz...