3 matches found
Important: Red Hat Security Advisory: Red Hat support for Spring Boot 2.2.6 security and bug fix update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CVE-2020-1697
It was found in all keycloak versions before 9.0.0 that links to external applications Application Links in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly conduct further...
CVE-2020-1697
CVE-2020-1697 affects Keycloak versions before 9.0.0 where admin console links to external applications (Application Links) are not validated, allowing an authenticated user to craft links that trigger Stored XSS cross-realm. The issue is evidenced in multiple feeds (Red Hat advisories explicitly...