2 matches found
CVE-2014-3709
Affected product: JBoss KeyCloak (org.keycloak.services.resources.SocialResource.callback). Root cause: lack of CSRF protection allows remote attackers to perform CSRF attacks. Affected version: before 1.0.3.Final. Impact: CSRF with potential unauthorized actions; no exploitation details provided...
CVE-2014-3709
The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery CSRF attacks by leveraging lack of CSRF protection...