CVE-2020-1725
CVE-2020-1725 affects Keycloak up to version 13.0.0, where after changing role mappings and token expiry a user may retain access to resources. The underlying issue is improper revocation/refresh handling that allows continued access despite role-change and token expiration. Affected product: Key...