3 matches found
CVE-2022-1438
CVE-2022-1438 is an XSS vulnerability in Keycloak where HTML entities are not sanitized during user impersonation. Red Hat advisories (RHSA-2023:1043/1044/1045) fix this issue in Red Hat Single Sign-On 7.6.2 on RHEL 7/8/9. The NVD CVSS data indicates a MEDIUM to HIGH impact depending on the vecto...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 security update on RHEL 8
New Red Hat Single Sign-On 7.6.2 packages are now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
com.github.vzakharchenko:chillispot-radius-plugin (>=1.4.10 <=1.4.11), com.github.vzakharchenko:cisco-radius-plugin (>=1.4.10 <=1.4.11) +55 more potentially affected by CVE-2022-1438 via org.keycloak:keycloak-services (>=1.0-alpha-1 <=21.0.0)
org.keycloak:keycloak-services MAVEN version =1.0-alpha-1, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =1.4.10, =0.3.0-20.0.1, =0.4.5-20.0.2, =1.3.2, =0.6, =0.2, =0.7 and more Source cves: CVE-2022-1438 Source advisory: OSV:GHSA-W354-2F3C-QVG9...