Keycloak vulnerable to Cross-site Scripting
A flaw was found in Keycloak. Under specific circumstances, HTML entities are not sanitized during user impersonation, resulting in a Cross-site scripting XSS vulnerability. Details This issue is the result of code found in the exception here:...