2 matches found
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak itself. Keycloak has a security vulnerability, which stems from low-privilege administrators with the view-clients role being able to exploit the evaluate-scopes management API endpoint by passing arbitrary...
CVE-2025-41716 Unauthenticated User Enumeration via Missing Authentication
The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function...