Lucene search
K

6 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-0968

Malicious code in bioql PyPI...

8.1CVSS6.5AI score0.01149EPSS
Exploits0References11
NVD
NVD
added 2023/09/25 8:15 p.m.41 views

CVE-2022-4137

A reflected cross-site scripting XSS vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be...

8.1CVSS7.2AI score0.01149EPSS
Exploits0References6
OSV
OSV
added 2023/09/25 8:15 p.m.7 views

CVE-2022-4137

A reflected cross-site scripting XSS vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be...

6.1CVSS6.3AI score0.01149EPSS
Exploits0References6
Prion
Prion
added 2023/09/25 8:15 p.m.34 views

Cross site scripting

A reflected cross-site scripting XSS vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be...

5.8CVSS6AI score0.01149EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2023/09/25 7:17 p.m.5390 views

CVE-2022-4137

CVE-2022-4137 is a reflected XSS in Keycloak’s oob OAuth endpoint caused by incorrect null-byte handling. A malicious link can insert an arbitrary URI into a Keycloak error page, and exploitation requires user interaction, potentially compromising user details. Connected sources identify this vul...

8.1CVSS6.2AI score0.01149EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2023/03/01 1:59 p.m.98 views

CVE-2022-4137

A reflected cross-site scripting XSS vulnerability was found in the 'oob' OAuth endpoint due to incorrect null-byte handling. This issue allows a malicious link to insert an arbitrary URI into a Keycloak error page. This flaw requires a user or administrator to interact with a link in order to be...

8.1CVSS2.1AI score0.01149EPSS
Exploits0References3
Rows per page
Query Builder